@@ -91,7 +91,7 @@ class listform_tpl_generator {
foreach($listDef["item"] as $field) {
$key = $field["field"];
- $html .= " {tmpl_var name=\"".$key."\"} | \n";
+ $html .= " {tmpl_var name=\"".$key."\"} | \n";
}
$html .= "
diff --git a/interface/lib/classes/plugin_backuplist.inc.php b/interface/lib/classes/plugin_backuplist.inc.php
index 9aebf77e9beb7b22a79a05a820ec9163f9128553..471560ab5ebd9f0285f48373809f17ffdeb1afaa 100644
--- a/interface/lib/classes/plugin_backuplist.inc.php
+++ b/interface/lib/classes/plugin_backuplist.inc.php
@@ -56,50 +56,42 @@ class plugin_backuplist extends plugin_base {
$backup_id = $app->functions->intval($_GET['backup_id']);
//* check if the user is owner of the parent domain
- $domain_backup = $app->db->queryOneRecord("SELECT parent_domain_id FROM web_backup WHERE backup_id = ".$backup_id);
+ $domain_backup = $app->db->queryOneRecord("SELECT parent_domain_id FROM web_backup WHERE backup_id = ?", $backup_id);
$check_perm = 'u';
if($_GET['backup_action'] == 'download') $check_perm = 'r'; // only check read permissions on download, not update permissions
- $get_domain = $app->db->queryOneRecord("SELECT domain_id FROM web_domain WHERE domain_id = ".$app->functions->intval($domain_backup["parent_domain_id"])." AND ".$app->tform->getAuthSQL($check_perm));
+ $get_domain = $app->db->queryOneRecord("SELECT domain_id FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL($check_perm), $domain_backup["parent_domain_id"]);
if(empty($get_domain) || !$get_domain) {
$app->error($app->tform->lng('no_domain_perm'));
}
if($_GET['backup_action'] == 'download' && $backup_id > 0) {
- $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_download' AND action_param = '$backup_id'";
- $tmp = $app->db->queryOneRecord($sql);
+ $server_id = $this->form->dataRecord['server_id'];
+ $backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id);
+ if($backup['server_id'] > 0) $server_id = $backup['server_id'];
+ $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_download' AND action_param = ?";
+ $tmp = $app->db->queryOneRecord($sql, $backup_id);
if($tmp['number'] == 0) {
$message .= $wb['download_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$this->form->dataRecord['server_id'] . ", " .
- time() . ", " .
- "'backup_download', " .
- "'".$backup_id."', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
+ "VALUES (?, UNIX_TIMESTAMP(), 'backup_download', ?, 'pending', '')";
+ $app->db->query($sql, $server_id, $backup_id);
} else {
$error .= $wb['download_pending_txt'];
}
}
if($_GET['backup_action'] == 'restore' && $backup_id > 0) {
+ $server_id = $this->form->dataRecord['server_id'];
+ $backup = $app->db->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id);
+ if($backup['server_id'] > 0) $server_id = $backup['server_id'];
$sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = '$backup_id'";
$tmp = $app->db->queryOneRecord($sql);
if($tmp['number'] == 0) {
$message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$this->form->dataRecord['server_id'] . ", " .
- time() . ", " .
- "'backup_restore', " .
- "'".$backup_id."', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
+ "VALUES (?, UNIX_TIMESTAMP(), 'backup_restore', ?, 'pending', '')";
+ $app->db->query($sql, $server_id, $backup_id);
} else {
$error .= $wb['restore_pending_txt'];
}
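Review bot: The pending-action check in the restore branch still builds its SQL with `action_param = '$backup_id'` and calls `queryOneRecord($sql)` with no bound value, while the matching query in the download branch was converted to a placeholder. `$backup_id` has passed through `intval()`, so this is not injectable as written, but one interpolated statement left among converted ones is easy to copy into a place where the value is not sanitized. Change it to `... AND action_type = 'backup_restore' AND action_param = ?` and `$tmp = $app->db->queryOneRecord($sql, $backup_id);`. The enclosing method starts and ends outside this hunk.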
@@ -108,9 +100,18 @@ class plugin_backuplist extends plugin_base {
}
//* Get the data
- $web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ".$app->functions->intval($this->form->id));
- $sql = "SELECT * FROM web_backup WHERE parent_domain_id = ".$app->functions->intval($this->form->id)." AND server_id = ".$app->functions->intval($web['server_id'])." ORDER BY tstamp DESC, backup_type ASC";
- $records = $app->db->queryAllRecords($sql);
+ $server_ids = array();
+ $web = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->form->id);
+ $databases = $app->db->queryAllRecords("SELECT server_id FROM web_database WHERE parent_domain_id = ?", $this->form->id);
+ if($app->functions->intval($web['server_id']) > 0) $server_ids[] = $app->functions->intval($web['server_id']);
+ if(is_array($databases) && !empty($databases)){
+ foreach($databases as $database){
+ if($app->functions->intval($database['server_id']) > 0) $server_ids[] = $app->functions->intval($database['server_id']);
+ }
+ }
+ $server_ids = array_unique($server_ids);
+ $sql = "SELECT * FROM web_backup WHERE parent_domain_id = ? AND server_id IN ? ORDER BY tstamp DESC, backup_type ASC";
+ $records = $app->db->queryAllRecords($sql, $this->form->id, $server_ids);
$bgcolor = "#FFFFFF";
if(is_array($records)) {
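Review bot: `$server_ids` can be empty here (no positive `server_id` on the domain and no database rows), and the query then binds an empty array to `server_id IN ?`. How the db wrapper expands an empty list is not visible in this hunk; if it produces `IN ()` the statement fails instead of returning no rows. A guard such as `$records = empty($server_ids) ? array() : $app->db->queryAllRecords($sql, $this->form->id, $server_ids);` removes that dependency.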
@@ -122,6 +123,13 @@ class plugin_backuplist extends plugin_base {
$rec['date'] = date($app->lng('conf_format_datetime'), $rec['tstamp']);
$rec['backup_type'] = $wb[('backup_type_'.$rec['backup_type'])];
+
+ $rec['download_available'] = true;
+ if($rec['server_id'] != $web['server_id']) $rec['download_available'] = false;
+
+ if($rec['filesize'] > 0){
+ $rec['filesize'] = $app->functions->currency_format($rec['filesize']/(1024*1024), 'client').' MB';
+ }
$records_new[] = $rec;
}
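Review bot: The file size is formatted with `currency_format(..., 'client')`, which is a money formatter, while the mail backup list changed in this same commit uses `$app->functions->formatBytes($rec['filesize'])`. Using the same helper here would keep the two lists consistent and avoid locale-dependent currency formatting on a byte count. `$rec['server_id'] != $web['server_id']` is a loose comparison of two database values; comparing `$app->functions->intval()` of both would make the intent explicit.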
diff --git a/interface/lib/classes/plugin_backuplist_mail.inc.php b/interface/lib/classes/plugin_backuplist_mail.inc.php
index 5bef570d8d0c1b2f5ec351a0415275e933b5233c..901901a3ed62cc7642d472809ef99ee99aa132c5 100644
--- a/interface/lib/classes/plugin_backuplist_mail.inc.php
+++ b/interface/lib/classes/plugin_backuplist_mail.inc.php
@@ -39,6 +39,9 @@ class plugin_backuplist_mail extends plugin_base {
function onShow() {
global $app;
+
+ $app->uses('functions');
+
$listTpl = new tpl;
$listTpl->newTemplate('templates/mail_user_backup_list.htm');
@@ -52,42 +55,15 @@ class plugin_backuplist_mail extends plugin_base {
if(isset($_GET['backup_action'])) {
$backup_id = $app->functions->intval($_GET['backup_id']);
-/*
- if($_GET['backup_action'] == 'download' && $backup_id > 0) {
- $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_download' AND action_param = '$backup_id'";
- $tmp = $app->db->queryOneRecord($sql);
- if($tmp['number'] == 0) {
- $message .= $wb['download_info_txt'];
- $sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$this->form->dataRecord['server_id'] . ", " .
- time() . ", " .
- "'backup_download', " .
- "'".$backup_id."', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
- } else {
- $error .= $wb['download_pending_txt'];
- }
- }
-*/
- if($_GET['backup_action'] == 'restore' && $backup_id > 0) {
- $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore' AND action_param = '$backup_id'";
- $tmp = $app->db->queryOneRecord($sql);
+
+ if($_GET['backup_action'] == 'restore_mail' && $backup_id > 0) {
+ $sql = "SELECT count(action_id) as number FROM sys_remoteaction WHERE action_state = 'pending' AND action_type = 'backup_restore_mail' AND action_param = ?";
+ $tmp = $app->db->queryOneRecord($sql, $backup_id);
if($tmp['number'] == 0) {
$message .= $wb['restore_info_txt'];
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$this->form->dataRecord['server_id'] . ", " .
- time() . ", " .
- "'backup_restore', " .
- "'".$backup_id."', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
+ "VALUES (?, ? 'backup_restore_mail', ?, 'pending','')";
+ $app->db->query($sql, $this->form->dataRecord['server_id'], time(), $backup_id);
} else {
$error .= $wb['restore_pending_txt'];
}
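Review bot: The new INSERT reads `VALUES (?, ? 'backup_restore_mail', ?, 'pending','')`; the comma after the second placeholder is missing, so the statement is a syntax error and no restore action is queued. It should be `"VALUES (?, ?, 'backup_restore_mail', ?, 'pending','')"`, or use `UNIX_TIMESTAMP()` in place of the bound `time()` as plugin_backuplist does. Separately, nothing visible in this hunk ties `$_GET['backup_id']` to the mail user being edited or to the caller's permissions, unlike the parent-domain check in plugin_backuplist. Unless that is enforced outside the hunk, look the id up in `mail_backup` restricted to `mailuser_id = $this->form->id` before queuing the action.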
@@ -95,8 +71,8 @@ class plugin_backuplist_mail extends plugin_base {
}
//* Get the data
- $sql = "SELECT * FROM mail_backup WHERE mailuser_id = ".$this->form->id." ORDER BY tstamp DESC";
- $records = $app->db->queryAllRecords($sql);
+ $sql = "SELECT * FROM mail_backup WHERE mailuser_id = ? ORDER BY tstamp DESC";
+ $records = $app->db->queryAllRecords($sql, $this->form->id);
$bgcolor = "#FFFFFF";
if(is_array($records)) {
foreach($records as $rec) {
@@ -105,6 +81,7 @@ class plugin_backuplist_mail extends plugin_base {
$rec["bgcolor"] = $bgcolor;
$rec['date'] = date($app->lng('conf_format_datetime'),$rec['tstamp']);
$rec['backup_type'] = $wb[('backup_type_'.$rec['backup_type'])];
+ $rec['filesize'] = $app->functions->formatBytes($rec['filesize']);
$records_new[] = $rec;
}
}
diff --git a/interface/lib/classes/plugin_dbhistory.inc.php b/interface/lib/classes/plugin_dbhistory.inc.php
index c6547311106ab330d4cee9975af6b18711f9b4b8..3ad5d42ec05c57a459047e6b342f59ff5979ae30 100644
--- a/interface/lib/classes/plugin_dbhistory.inc.php
+++ b/interface/lib/classes/plugin_dbhistory.inc.php
@@ -47,12 +47,13 @@ class plugin_dbhistory extends plugin_base {
$db_table_idx = $app->tform->formDef["db_table_idx"];
$primary_id = $this->form->id;
if($_SESSION["s"]["user"]["typ"] == 'admin') {
- $sql = "SELECT action, tstamp, user, data FROM sys_datalog WHERE dbtable = '".$db_table."' AND dbidx = '".$db_table_idx.":".$primary_id."'";
+ $sql = "SELECT action, tstamp, user, data FROM sys_datalog WHERE dbtable = ? AND dbidx = ?";
+ $records = $app->db->queryAllRecords($sql, $db_table, $db_table_idx.":".$primary_id);
} else {
- $sql = "SELECT action, tstamp, user, data FROM sys_datalog WHERE user = '".$_SESSION["s"]["user"]["username"]."' dbtable = '".$db_table."' AND dbidx = '".$db_table_idx.":".$primary_id."'";
+ $sql = "SELECT action, tstamp, user, data FROM sys_datalog WHERE user = ? AND dbtable = ? AND dbidx = ?";
+ $records = $app->db->queryAllRecords($sql, $_SESSION["s"]["user"]["username"], $db_table, $db_table_idx.":".$primary_id);
}
- $records = $app->db->queryAllRecords($sql);
if(is_array($records)) {
$content .= '';
foreach($records as $rec) {
diff --git a/interface/lib/classes/plugin_directive_snippets.inc.php b/interface/lib/classes/plugin_directive_snippets.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..dbc7d4887d1f71b2f3fcc0c0fd2c14813b1bee42
--- /dev/null
+++ b/interface/lib/classes/plugin_directive_snippets.inc.php
@@ -0,0 +1,72 @@
+newTemplate('templates/web_directive_snippets.htm');
+
+ //* Loading language file
+ $lng_file = "lib/lang/".$_SESSION["s"]["language"]."_web_directive_snippets.lng";
+
+ include $lng_file;
+ $listTpl->setVar($wb);
+
+ $message = '';
+ $error = '';
+
+ $server_type = $app->getconf->get_server_config($this->form->dataRecord['server_id'], 'web');
+ $server_type = $server_type['server_type'];
+ $records = $app->db->queryAllRecords("SELECT directive_snippets_id, name FROM directive_snippets WHERE customer_viewable = 'y' AND type = ? ORDER BY name ASC", $server_type);
+
+ for ($i = 0, $c = count($records); $i < $c; $i++)
+ {
+ $records[$i]['is_selected'] = false;
+
+ if ($this->form->dataRecord['directive_snippets_id'] === $records[$i]['directive_snippets_id'])
+ $records[$i]['is_selected'] = true;
+ }
+
+ $listTpl->setLoop('records', $records);
+
+ $list_name = 'directive_snippets_list';
+ $_SESSION["s"]["list"][$list_name]["parent_id"] = $this->form->id;
+ $_SESSION["s"]["list"][$list_name]["parent_name"] = $app->tform->formDef["name"];
+ $_SESSION["s"]["list"][$list_name]["parent_tab"] = $_SESSION["s"]["form"]["tab"];
+ $_SESSION["s"]["list"][$list_name]["parent_script"] = $app->tform->formDef["action"];
+ $_SESSION["s"]["form"]["return_to"] = $list_name;
+
+ return $listTpl->grab();
+ }
+
+ public function onUpdate()
+ {
+ global $app, $conf;
+
+ if (isset($this->form->dataRecord['directive_snippets_id']) && $this->form->oldDataRecord['directive_snippets_id'] !== $this->form->dataRecord['directive_snippets_id']) {
+ $app->db->query('UPDATE web_domain SET directive_snippets_id = ? WHERE domain_id = ?', $this->form->dataRecord['directive_snippets_id'], $this->form->id);
+ }
+ }
+
+ public function onInsert()
+ {
+ global $app, $conf;
+
+ if (isset($this->form->dataRecord['directive_snippets_id'])) {
+ $app->db->query('UPDATE web_domain SET directive_snippets_id = ? WHERE domain_id = ?', $this->form->dataRecord['directive_snippets_id'], $this->form->id);
+ }
+ }
+
+}
+?>
\ No newline at end of file
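Review bot: `onUpdate()` and `onInsert()` write whatever `directive_snippets_id` the form submitted into `web_domain`, while only `onShow()` restricts the offered choices to `customer_viewable = 'y'` snippets of the server's type. Unless the form layer validates the value elsewhere, a client can post the id of a snippet that was never offered to them and have it attached to their site. Re-check before the UPDATE with something like `SELECT directive_snippets_id FROM directive_snippets WHERE directive_snippets_id = ? AND customer_viewable = 'y' AND type = ?` and skip the write when no row matches. The first line of the file is garbled in this view, so the class header and the start of `onShow()` could not be reviewed.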
diff --git a/interface/lib/classes/plugin_listview.inc.php b/interface/lib/classes/plugin_listview.inc.php
index e7d576cd17a58c9af14ac3e4f7761ed4ea520bbb..bc764caefe0dbb144b53d6c87826bad5edb0a637 100644
--- a/interface/lib/classes/plugin_listview.inc.php
+++ b/interface/lib/classes/plugin_listview.inc.php
@@ -126,7 +126,7 @@ class plugin_listview extends plugin_base {
// Get the data
- $records = $app->db->queryAllRecords("SELECT * FROM ".$app->listform->listDef["table"]." WHERE $sql_where $sql_order_by $limit_sql");
+ $records = $app->db->queryAllRecords("SELECT * FROM ?? WHERE $sql_where $sql_order_by $limit_sql", $app->listform->listDef["table"]);
$bgcolor = "#FFFFFF";
if(is_array($records)) {
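Review bot: Only the table name moved to the `??` placeholder; `$sql_where`, `$sql_order_by` and `$limit_sql` are still interpolated into the statement text. They are assembled outside this hunk, so their safety cannot be judged from here. If any part of them derives from request parameters (search filters, sort column, page offset), it needs the same binding or a whitelist. Once that is confirmed, a short comment on this line naming where each fragment is validated would save the next reviewer the same search.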
@@ -174,6 +174,58 @@ class plugin_listview extends plugin_base {
$_SESSION["s"]["form"]["return_to"] = $list_name;
//die(print_r($_SESSION["s"]["list"][$list_name]));
+ // defaults
+ $listTpl->setVar('app_title', $app->_conf['app_title']);
+ if(isset($_SESSION['s']['user'])) {
+ $listTpl->setVar('app_version', $app->_conf['app_version']);
+ // get pending datalog changes
+ $datalog = $app->db->datalogStatus();
+ $listTpl->setVar('datalog_changes_txt', $app->lng('datalog_changes_txt'));
+ $listTpl->setVar('datalog_changes_end_txt', $app->lng('datalog_changes_end_txt'));
+ $listTpl->setVar('datalog_changes_count', $datalog['count']);
+ $listTpl->setLoop('datalog_changes', $datalog['entries']);
+ } else {
+ $listTpl->setVar('app_version', '');
+ }
+ $listTpl->setVar('app_link', $app->_conf['app_link']);
+
+ $listTpl->setVar('app_logo', $app->_conf['logo']);
+
+ $listTpl->setVar('phpsessid', session_id());
+
+ $listTpl->setVar('theme', $_SESSION['s']['theme']);
+ $listTpl->setVar('html_content_encoding', $app->_conf['html_content_encoding']);
+
+ $listTpl->setVar('delete_confirmation', $app->lng('delete_confirmation'));
+ //print_r($_SESSION);
+ if(isset($_SESSION['s']['module']['name'])) {
+ $listTpl->setVar('app_module', $_SESSION['s']['module']['name']);
+ }
+ if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') {
+ $listTpl->setVar('is_admin', 1);
+ }
+ if(isset($_SESSION['s']['user']) && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $listTpl->setVar('is_reseller', 1);
+ }
+ /* Show username */
+ if(isset($_SESSION['s']['user'])) {
+ $listTpl->setVar('cpuser', $_SESSION['s']['user']['username']);
+ $listTpl->setVar('logout_txt', $app->lng('logout_txt'));
+ /* Show search field only for normal users, not mail users */
+ if(stristr($_SESSION['s']['user']['username'], '@')){
+ $listTpl->setVar('usertype', 'mailuser');
+ } else {
+ $listTpl->setVar('usertype', 'normaluser');
+ }
+ }
+
+ /* Global Search */
+ $listTpl->setVar('globalsearch_resultslimit_of_txt', $app->lng('globalsearch_resultslimit_of_txt'));
+ $listTpl->setVar('globalsearch_resultslimit_results_txt', $app->lng('globalsearch_resultslimit_results_txt'));
+ $listTpl->setVar('globalsearch_noresults_text_txt', $app->lng('globalsearch_noresults_text_txt'));
+ $listTpl->setVar('globalsearch_noresults_limit_txt', $app->lng('globalsearch_noresults_limit_txt'));
+ $listTpl->setVar('globalsearch_searchfield_watermark_txt', $app->lng('globalsearch_searchfield_watermark_txt'));
+
return $listTpl->grab();
}
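Review bot: `$listTpl->setVar('phpsessid', session_id());` hands the session identifier to the list template. If a template prints it into markup, the id becomes readable by any script running on the page, which undoes the protection of an HttpOnly session cookie, and it can leak through saved or shared HTML. Whether a list template actually uses `phpsessid` is not visible here; if none does, drop the variable, and if one does, a purpose-specific token is the safer thing to pass.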
diff --git a/interface/lib/classes/quota_lib.inc.php b/interface/lib/classes/quota_lib.inc.php
index b9ef6aab26915141ecbc3acfad666d38377f6543..24a3ce3d0d65a867640dbe165d14cb57be56a820 100644
--- a/interface/lib/classes/quota_lib.inc.php
+++ b/interface/lib/classes/quota_lib.inc.php
@@ -14,7 +14,7 @@ class quota_lib {
//print_r($monitor_data);
// select all websites or websites belonging to client
- $sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND type = 'vhost'".(($clientid != null)?" AND sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)":''), $app->functions->intval($client_id));
+ $sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND type = 'vhost'".(($clientid != null)?" AND sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)":''), $clientid);
//print_r($sites);
if(is_array($sites) && !empty($sites)){
@@ -35,7 +35,13 @@ class quota_lib {
if (!is_numeric($sites[$i]['soft'])) $sites[$i]['soft']=$sites[$i]['soft'][1];
if (!is_numeric($sites[$i]['hard'])) $sites[$i]['hard']=$sites[$i]['hard'][1];
if (!is_numeric($sites[$i]['files'])) $sites[$i]['files']=$sites[$i]['files'][1];
-
+
+ $sites[$i]['used_raw'] = $sites[$i]['used'];
+ $sites[$i]['soft_raw'] = $sites[$i]['soft'];
+ $sites[$i]['hard_raw'] = $sites[$i]['hard'];
+ $sites[$i]['files_raw'] = $sites[$i]['files'];
+ $sites[$i]['used_percentage'] = ($sites[$i]['soft'] > 0 && $sites[$i]['used'] > 0 ? round($sites[$i]['used'] * 100 / $sites[$i]['soft']) : 0);
+
if ($readable) {
// colours
$sites[$i]['display_colour'] = '#000000';
@@ -89,7 +95,68 @@ class quota_lib {
return $sites;
}
-
+
+ public function get_trafficquota_data($clientid = null, $lastdays = 0) {
+ global $app;
+
+ $traffic_data = array();
+
+ // select vhosts (belonging to client)
+ if($clientid != null){
+ $sql_where = " AND sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)";
+ }
+ $sites = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' AND (type = 'vhost' OR type = 'vhostsubdomain' OR type = 'vhostalias')".$sql_where, $clientid);
+
+ $hostnames = array();
+ $traffic_data = array();
+
+ foreach ($sites as $site) {
+ $hostnames[] = $site['domain'];
+ $traffic_data[$site['domain']]['domain_id'] = $site['domain_id'];
+ }
+
+ // fetch all traffic-data of selected vhosts
+ if (!empty($hostnames)) {
+ $tmp_year = date('Y');
+ $tmp_month = date('m');
+ // This Month
+ $tmp_recs = $app->db->queryAllRecords("SELECT hostname, SUM(traffic_bytes) as t FROM web_traffic WHERE YEAR(traffic_date) = ? AND MONTH(traffic_date) = ? AND hostname IN ? GROUP BY hostname", $tmp_year, $tmp_month, $hostnames);
+ foreach ($tmp_recs as $tmp_rec) {
+ $traffic_data[$tmp_rec['hostname']]['this_month'] = $tmp_rec['t'];
+ }
+ // This Year
+ $tmp_recs = $app->db->queryAllRecords("SELECT hostname, SUM(traffic_bytes) as t FROM web_traffic WHERE YEAR(traffic_date) = ? AND hostname IN ? GROUP BY hostname", $tmp_year, $hostnames);
+ foreach ($tmp_recs as $tmp_rec) {
+ $traffic_data[$tmp_rec['hostname']]['this_year'] = $tmp_rec['t'];
+ }
+
+ $tmp_year = date('Y', mktime(0, 0, 0, date("m")-1, date("d"), date("Y")));
+ $tmp_month = date('m', mktime(0, 0, 0, date("m")-1, date("d"), date("Y")));
+ // Last Month
+ $tmp_recs = $app->db->queryAllRecords("SELECT hostname, SUM(traffic_bytes) as t FROM web_traffic WHERE YEAR(traffic_date) = ? AND MONTH(traffic_date) = ? AND hostname IN ? GROUP BY hostname", $tmp_year, $tmp_month, $hostnames);
+ foreach ($tmp_recs as $tmp_rec) {
+ $traffic_data[$tmp_rec['hostname']]['last_month'] = $tmp_rec['t'];
+ }
+
+ $tmp_year = date('Y', mktime(0, 0, 0, date("m"), date("d"), date("Y")-1));
+ // Last Year
+ $tmp_recs = $app->db->queryAllRecords("SELECT hostname, SUM(traffic_bytes) as t FROM web_traffic WHERE YEAR(traffic_date) = ? AND hostname IN ? GROUP BY hostname", $tmp_year, $hostnames);
+ foreach ($tmp_recs as $tmp_rec) {
+ $traffic_data[$tmp_rec['hostname']]['last_year'] = $tmp_rec['t'];
+ }
+
+ if (is_int($lastdays) && ($lastdays > 0)) {
+ // Last xx Days
+ $tmp_recs = $app->db->queryAllRecords("SELECT hostname, SUM(traffic_bytes) as t FROM web_traffic WHERE (traffic_date >= DATE_SUB(NOW(), INTERVAL ? DAY)) AND hostname IN ? GROUP BY hostname", $lastdays, $hostnames);
+ foreach ($tmp_recs as $tmp_rec) {
+ $traffic_data[$tmp_rec['hostname']]['lastdays'] = $tmp_rec['t'];
+ }
+ }
+ }
+
+ return $traffic_data;
+ }
+
public function get_mailquota_data($clientid = null, $readable = true) {
global $app;
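Review bot: In `get_trafficquota_data()` `$sql_where` is assigned only inside `if($clientid != null)`, so with the default `$clientid = null` the query concatenates an undefined variable; add `$sql_where = '';` before the `if`. The "last month" values use `mktime(0, 0, 0, date("m")-1, date("d"), date("Y"))`, which rolls forward when the previous month is shorter than today's day number (for example on the 31st) and can then return the current month; passing `1` as the day avoids that. `foreach ($sites as $site)` also assumes `queryAllRecords` returned an array, unlike the `is_array($sites)` guard used elsewhere in this class.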
@@ -109,7 +176,7 @@ class quota_lib {
//print_r($monitor_data);
// select all email accounts or email accounts belonging to client
- $emails = $app->db->queryAllRecords("SELECT * FROM mail_user".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : ''), $app->functions->intval($client_id));
+ $emails = $app->db->queryAllRecords("SELECT * FROM mail_user".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : ''), $clientid);
//print_r($emails);
if(is_array($emails) && !empty($emails)){
@@ -120,6 +187,11 @@ class quota_lib {
if (!is_numeric($emails[$i]['used'])) $emails[$i]['used']=$emails[$i]['used'][1];
+ $emails[$i]['quota_raw'] = $emails[$i]['quota'];
+ $emails[$i]['used_raw'] = $emails[$i]['used'];
+ $emails[$i]['used_percentage'] = ($emails[$i]['quota'] > 0 && $emails[$i]['used'] > 0 ? round($emails[$i]['used'] * 100 / $emails[$i]['quota']) : 0);
+
+
if ($readable) {
// colours
$emails[$i]['display_colour'] = '#000000';
@@ -149,4 +221,66 @@ class quota_lib {
return $emails;
}
+
+ public function get_databasequota_data($clientid = null, $readable = true) {
+ global $app;
+
+ $tmp_rec = $app->db->queryAllRecords("SELECT data from monitor_data WHERE type = 'database_size' ORDER BY created DESC");
+ $monitor_data = array();
+ if(is_array($tmp_rec)) {
+ foreach ($tmp_rec as $tmp_mon) {
+ $tmp_array = unserialize($app->db->unquote($tmp_mon['data']));
+ if(is_array($tmp_array)) {
+ foreach($tmp_array as $key => $data) {
+ if(!isset($monitor_data[$data['database_name']]['size'])) $monitor_data[$data['database_name']]['size'] = $data['size'];
+ }
+ }
+ }
+ }
+ //print_r($monitor_data);
+
+ // select all databases belonging to client
+ $databases = $app->db->queryAllRecords("SELECT * FROM web_database".(($clientid != null)? " WHERE sys_groupid = (SELECT default_group FROM sys_user WHERE client_id=?)" : ''), $clientid);
+
+ //print_r($databases);
+ if(is_array($databases) && !empty($databases)){
+ for($i=0;$i 0) && ($databases[$i]['used'] > 0)) ? round($databases[$i]['used'] * 100 / $databases[$i]['database_quota']) : 0;
+
+ if ($readable) {
+ // colours
+ $databases[$i]['display_colour'] = '#000000';
+ if($databases[$i]['database_quota'] > 0){
+ $used_ratio = $databases[$i]['used']/$databases[$i]['database_quota'];
+ } else {
+ $used_ratio = 0;
+ }
+ if($used_ratio >= 0.8) $databases[$i]['display_colour'] = '#fd934f';
+ if($used_ratio >= 1) $databases[$i]['display_colour'] = '#cc0000';
+
+ if($databases[$i]['database_quota'] == 0){
+ $databases[$i]['database_quota'] = $app->lng('unlimited');
+ } else {
+ $databases[$i]['database_quota'] = round($databases[$i]['database_quota'] / 1048576, 4).' MB';
+ }
+
+
+ if($databases[$i]['used'] < 1544000) {
+ $databases[$i]['used'] = round($databases[$i]['used'] / 1024, 4).' KB';
+ } else {
+ $databases[$i]['used'] = round($databases[$i]['used'] / 1048576, 4).' MB';
+ }
+ }
+ }
+ }
+
+ return $databases;
+ }
+
}
\ No newline at end of file
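Review bot: `unserialize($app->db->unquote($tmp_mon['data']))` deserializes rows from `monitor_data` with no class restriction. Who writes those rows is not visible here; if they originate from other servers, a tampered row becomes PHP object injection inside the interface process. Only array elements are read afterwards, so if the supported PHP version allows it, pass `array('allowed_classes' => false)` as the second argument to `unserialize()`. The `for` loop header in this method is truncated in this view, so the quota arithmetic was not checked.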
diff --git a/interface/lib/classes/remote.d/admin.inc.php b/interface/lib/classes/remote.d/admin.inc.php
index ba966fe1aba371daaf03fcb19844fa1681f4b8c7..2541ca5c19f35bebd850e4a6f3435ea79bfd738c 100644
--- a/interface/lib/classes/remote.d/admin.inc.php
+++ b/interface/lib/classes/remote.d/admin.inc.php
@@ -60,7 +60,7 @@ class remoting_admin extends remoting {
switch($key) {
case 'sys_userid':
// check if userid is valid
- $check = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE userid = ' . $app->functions->intval($value));
+ $check = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE userid = ?', $app->functions->intval($value));
if(!$check || !$check['userid']) {
$this->server->fault('invalid parameters', $value . ' is no valid sys_userid.');
return false;
@@ -69,7 +69,7 @@ class remoting_admin extends remoting {
break;
case 'sys_groupid':
// check if groupid is valid
- $check = $app->db->queryOneRecord('SELECT groupid FROM sys_group WHERE groupid = ' . $app->functions->intval($value));
+ $check = $app->db->queryOneRecord('SELECT groupid FROM sys_group WHERE groupid = ?', $app->functions->intval($value));
if(!$check || !$check['groupid']) {
$this->server->fault('invalid parameters', $value . ' is no valid sys_groupid.');
return false;
diff --git a/interface/lib/classes/remote.d/aps.inc.php b/interface/lib/classes/remote.d/aps.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..b626f1b7abf6b21d7037b02b654a28af53495e9e
--- /dev/null
+++ b/interface/lib/classes/remote.d/aps.inc.php
@@ -0,0 +1,318 @@
+
+Copyright (c) Profi Webdesign Dominik Müller
+
+*/
+
+class remoting_aps extends remoting {
+ //* Functions for APS
+ public function sites_aps_update_package_list($session_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_update_package')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_crawler');
+ $aps = new ApsCrawler($app, false); // true = Interface mode, false = Server mode
+ $aps->startCrawler();
+ $aps->parseFolderToDB();
+ $aps->fixURLs();
+
+ return true;
+ }
+
+ public function sites_aps_available_packages_list($session_id, $params)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_available_packages_list')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_base');
+
+ if (isset($params['all_packages']) && ($params['all_packages'] == true)) {
+ $where = '(aps_packages.package_status = '.PACKAGE_ENABLED.' OR aps_packages.package_status = '.PACKAGE_LOCKED.')';
+ }
+ else {
+ $where = 'aps_packages.package_status = '.PACKAGE_ENABLED;
+ }
+
+ $sql = 'SELECT * FROM aps_packages WHERE '.$where.' ORDER BY aps_packages.name, aps_packages.version';
+ return $app->db->queryAllRecords($sql);
+ }
+
+ public function sites_aps_get_package_details($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_get_package_details')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_guicontroller');
+ $gui = new ApsGUIController($app);
+
+ // Package-ID Check
+ if (isset($primary_id))
+ {
+ $newest_pkg_id = $gui->getNewestPackageID($pkg_id);
+ if($newest_pkg_id != 0) $primary_id = $newest_pkg_id;
+ }
+
+ // Make sure an integer ID is given
+ if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
+ $this->server->fault('package_error', 'The given Package ID is not valid.');
+ return false;
+ }
+
+ // Get package details
+ $details = $gui->getPackageDetails($primary_id);
+ if (isset($details['error'])) {
+ $this->server->fault('package_error', $details['error']);
+ return false;
+ }
+
+ // encode all parts to ensure SOAP-XML-format
+ array_walk_recursive($details, function(&$item, &$key) { $item = utf8_encode($item); } );
+ // Special handling for license-text because of too much problems with soap-transport
+ $details['License content'] = base64_encode($details['License content']);
+
+ return $details;
+ }
+
+ public function sites_aps_get_package_file($session_id, $primary_id, $filename) {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_get_package_file')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_guicontroller');
+ $gui = new ApsGUIController($app);
+
+ // Package-ID Check
+ if (isset($primary_id))
+ {
+ $newest_pkg_id = $gui->getNewestPackageID($pkg_id);
+ if($newest_pkg_id != 0) $primary_id = $newest_pkg_id;
+ }
+
+ // Make sure an integer ID is given
+ if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
+ $this->server->fault('package_error', 'The given Package ID is not valid.');
+ return false;
+ }
+
+ // Get package details
+ $details = $gui->getPackageDetails($primary_id);
+ if (isset($details['error'])) {
+ $this->server->fault('package_error', $details['error']);
+ return false;
+ }
+
+ // find file in details
+ $found = false;
+ if (basename($details['Icon']) == $filename) $found = true;
+ if (!$found && isset($details['Screenshots']) && is_array($details['Screenshots']))
+ foreach ($details['Screenshots'] as $screen) { if (basename($screen['ScreenPath']) == $filename) { $found = true; break; } }
+
+ if (!$found) {
+ $this->server->fault('package_error', 'File not found in package.');
+ return false;
+ }
+
+ return base64_encode(file_get_contents(ISPC_ROOT_PATH.'/web/sites/aps_meta_packages/'.$details['path'].'/'.$filename));
+ }
+
+ public function sites_aps_get_package_settings($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_get_package_details')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_guicontroller');
+ $gui = new ApsGUIController($app);
+
+ // Package-ID Check
+ if (isset($primary_id))
+ {
+ $newest_pkg_id = $gui->getNewestPackageID($pkg_id);
+ if($newest_pkg_id != 0) $primary_id = $newest_pkg_id;
+ }
+
+ // Make sure an integer ID is given
+ if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
+ $this->server->fault('package_error', 'The given Package ID is not valid.');
+ return false;
+ }
+
+ // Get package settings
+ $settings = $gui->getPackageSettings($primary_id);
+ if (isset($settings['error'])) {
+ $this->server->fault('package_error', $settings['error']);
+ return false;
+ }
+
+ // encode all parts to ensure SOAP-XML-format
+ array_walk_recursive($settings, function(&$item, &$key) { $item = utf8_encode($item); } );
+
+ return $settings;
+ }
+
+ public function sites_aps_install_package($session_id, $primary_id, $params)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_install_package')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_guicontroller');
+ $gui = new ApsGUIController($app);
+
+ // Package-ID Check
+ if (isset($primary_id))
+ {
+ $newest_pkg_id = $gui->getNewestPackageID($primary_id);
+ if($newest_pkg_id != 0) $primary_id = $newest_pkg_id;
+ }
+
+ // Make sure an integer ID is given
+ if (!isset($primary_id) || !$gui->isValidPackageID($primary_id, true)) {// always adminflag
+ $this->server->fault('package_error', 'The given Package ID is not valid.');
+ return false;
+ }
+
+ // Get package details
+ $details = $gui->getPackageDetails($primary_id);
+ if (isset($details['error'])) {
+ $this->server->fault('package_error', $details['error']);
+ return false;
+ }
+ $settings = $gui->getPackageSettings($primary_id);
+ if (isset($settings['error'])) {
+ $this->server->fault('package_error', $settings['error']);
+ return false;
+ }
+
+ // Check given Site/VHostDomain
+ if (!isset($params['main_domain'])) {
+ $this->server->fault('invalid parameters', 'No valid domain given.');
+ return false;
+ }
+
+ $sql = "SELECT * FROM web_domain WHERE domain = ?";
+ $domain = $app->db->queryOneRecord($sql, $params['main_domain']);
+
+ if (!$domain) {
+ $this->server->fault('invalid parameters', 'No valid domain given.');
+ return false;
+ }
+
+ $domains = array($domain['domain']); // Simulate correct Domain-List
+ $result = $gui->validateInstallerInput($params, $details, $domains, $settings);
+ if(empty($result['error']))
+ {
+ return $gui->createPackageInstance($result['input'], $primary_id);
+ }
+
+ $this->server->fault('invalid parameters', implode(' ', $result['error']));
+ return false;
+ }
+
+ public function sites_aps_instance_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_instance_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $sql = "SELECT * FROM aps_instances WHERE id = ?";
+ $result = $app->db->queryOneRecord($sql, $app->functions->intval($primary_id));
+ return $result;
+ }
+
+ public function sites_aps_instance_settings_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_instance_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $sql = "SELECT * FROM aps_instances_settings WHERE instance_id = ?";
+ $result = $app->db->queryAllRecords($sql, $app->functions->intval($primary_id));
+ return $result;
+ }
+
+ public function sites_aps_instance_delete($session_id, $primary_id, $params = array())
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'sites_aps_instance_delete')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $app->load('aps_guicontroller');
+ $gui = new ApsGUIController($app);
+
+ // Check if Instance exists
+ $sql = "SELECT * FROM aps_instances WHERE id = ?";
+ $result = $app->db->queryOneRecord($sql, $primary_id);
+
+ if (!$result) {
+ $this->server->fault('instance_error', 'No valid instance id given.');
+ return false;
+ }
+
+ $gui->deleteInstance($primary_id, (isset($params['keep_database']) && ($params['keep_database'] === true)));
+
+ return true;
+ }
+}
+
+?>
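Review bot: `sites_aps_get_package_details`, `sites_aps_get_package_file` and `sites_aps_get_package_settings` call `$gui->getNewestPackageID($pkg_id)`, but `$pkg_id` is never defined in those methods; only `sites_aps_install_package` passes `$primary_id`. The lookup therefore runs on an undefined value and the newest-package substitution presumably never happens; change the three calls to `$gui->getNewestPackageID($primary_id);`. Also, `sites_aps_get_package_settings` checks the `sites_aps_get_package_details` permission and `sites_aps_instance_settings_get` checks `sites_aps_instance_get`; if the reuse is intended a comment should say so, otherwise each function needs its own permission name. In `sites_aps_install_package` the target site is selected by `domain` name alone, so nothing visible here limits which site a remote user with this permission can install into.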
diff --git a/interface/lib/classes/remote.d/client.inc.php b/interface/lib/classes/remote.d/client.inc.php
index d780ec8533d19411fd18804c7771f72ece851a77..cccc04f110baa654e789d89f3ba0014afcfa2051 100644
--- a/interface/lib/classes/remote.d/client.inc.php
+++ b/interface/lib/classes/remote.d/client.inc.php
@@ -65,7 +65,7 @@ class remoting_client extends remoting {
if(isset($data['client_id'])) {
// this is a single record
if($data['template_additional'] == '') {
- $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ' . $data['client_id']);
+ $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ?', $data['client_id']);
$tpl_arr = array();
if($tpls) {
foreach($tpls as $tpl) $tpl_arr[] = $tpl['item'];
@@ -78,7 +78,7 @@ class remoting_client extends remoting {
// multiple client records
foreach($data as $index => $client) {
if($client['template_additional'] == '') {
- $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ' . $client['client_id']);
+ $tpls = $app->db->queryAllRecords('SELECT CONCAT(`assigned_template_id`, \':\', `client_template_id`) as `item` FROM `client_template_assigned` WHERE `client_id` = ?', $client['client_id']);
$tpl_arr = array();
if($tpls) {
foreach($tpls as $tpl) $tpl_arr[] = $tpl['item'];
@@ -104,7 +104,7 @@ class remoting_client extends remoting {
$sys_userid = $app->functions->intval($sys_userid);
- $rec = $app->db->queryOneRecord("SELECT client_id FROM sys_user WHERE userid = ".$sys_userid);
+ $rec = $app->db->queryOneRecord("SELECT client_id FROM sys_user WHERE userid = ?", $sys_userid);
if(isset($rec['client_id'])) {
return $app->functions->intval($rec['client_id']);
} else {
@@ -125,7 +125,7 @@ class remoting_client extends remoting {
$client_id = $app->functions->intval($client_id);
- $rec = $app->db->queryOneRecord("SELECT company_name,contact_name,gender,email,language FROM client WHERE client_id = ".$client_id);
+ $rec = $app->db->queryOneRecord("SELECT company_name,contact_name,gender,email,language FROM client WHERE client_id = ?", $client_id);
if(is_array($rec)) {
return $rec;
@@ -145,7 +145,7 @@ class remoting_client extends remoting {
$client_id = $app->functions->intval($client_id);
- $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client_id);
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
if(isset($rec['groupid'])) {
return $app->functions->intval($rec['groupid']);
} else {
@@ -169,7 +169,7 @@ class remoting_client extends remoting {
if($params['parent_client_id']) {
// check if this one is reseller
- $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($params['parent_client_id']));
+ $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ?', intval($params['parent_client_id']));
if($check['limit_client'] == 0) {
$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
return false;
@@ -208,7 +208,7 @@ class remoting_client extends remoting {
if($params['parent_client_id']) {
// check if this one is reseller
- $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($params['parent_client_id']));
+ $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ?', intval($params['parent_client_id']));
if($check['limit_client'] == 0) {
$this->server->fault('Invalid reseller', 'Selected client is not a reseller.');
return false;
@@ -221,7 +221,7 @@ class remoting_client extends remoting {
}
// we need the previuos templates assigned here
- $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id);
+ $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ?', $client_id);
if(!is_array($this->oldTemplatesAssigned) || count($this->oldTemplatesAssigned) < 1) {
// check previous type of storing templates
$tpls = explode('/', $old_rec['template_additional']);
@@ -258,8 +258,8 @@ class remoting_client extends remoting {
}
if(@is_numeric($client_id)) {
- $sql = "SELECT * FROM `client_template_assigned` WHERE `client_id` = ".$client_id;
- return $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM `client_template_assigned` WHERE `client_id` = ?";
+ return $app->db->queryOneRecord($sql, $client_id);
} else {
$this->server->fault('The ID must be an integer.');
return array();
@@ -270,10 +270,10 @@ class remoting_client extends remoting {
global $app;
$this->id = $client_id;
- $this->dataRecord = $app->db->queryOneRecord('SELECT * FROM `client` WHERE `client_id` = ' . $client_id);
+ $this->dataRecord = $app->db->queryOneRecord('SELECT * FROM `client` WHERE `client_id` = ?', $client_id);
$this->oldDataRecord = $this->dataRecord;
- $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id);
+ $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ?', $client_id);
if(!is_array($this->oldTemplatesAssigned) || count($this->oldTemplatesAssigned) < 1) {
// check previous type of storing templates
$tpls = explode('/', $this->oldDataRecord['template_additional']);
@@ -297,13 +297,13 @@ class remoting_client extends remoting {
if(@is_numeric($client_id) && @is_numeric($template_id)) {
// check if client exists
- $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ' . $client_id);
+ $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ?', $client_id);
if(!$check) {
$this->server->fault('Invalid client');
return false;
}
// check if template exists
- $check = $app->db->queryOneRecord('SELECT `template_id` FROM `client_template` WHERE `template_id` = ' . $template_id);
+ $check = $app->db->queryOneRecord('SELECT `template_id` FROM `client_template` WHERE `template_id` = ?', $template_id);
if(!$check) {
$this->server->fault('Invalid template');
return false;
@@ -312,8 +312,8 @@ class remoting_client extends remoting {
// for the update event we have to cheat a bit
$this->_set_client_formdata($client_id);
- $sql = "INSERT INTO `client_template_assigned` (`client_id`, `client_template_id`) VALUES (" . $client_id . ", " . $template_id . ")";
- $app->db->query($sql);
+ $sql = "INSERT INTO `client_template_assigned` (`client_id`, `client_template_id`) VALUES (?, ?)";
+ $app->db->query($sql, $client_id, $template_id);
$insert_id = $app->db->insertID();
$app->plugin->raiseEvent('client:client:on_after_update', $this);
@@ -335,13 +335,13 @@ class remoting_client extends remoting {
if(@is_numeric($client_id) && @is_numeric($template_id)) {
// check if client exists
- $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ' . $client_id);
+ $check = $app->db->queryOneRecord('SELECT `client_id` FROM `client` WHERE `client_id` = ?', $client_id);
if(!$check) {
$this->server->fault('Invalid client');
return false;
}
// check if template exists
- $check = $app->db->queryOneRecord('SELECT `assigned_template_id` FROM `client_template_assigned` WHERE `assigned_template_id` = ' . $assigned_template_id);
+ $check = $app->db->queryOneRecord('SELECT `assigned_template_id` FROM `client_template_assigned` WHERE `assigned_template_id` = ?', $assigned_template_id);
if(!$check) {
$this->server->fault('Invalid template');
return false;
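Review bot: The new existence check binds `$assigned_template_id`, but the `is_numeric` guard at the top of this hunk validates `$template_id`, and the DELETE in the following hunk (`@@ -350,8 +350,8 @@`) also binds `$template_id`, so the three statements disagree on which variable holds the id. The function signature is outside the hunk, so it is not visible which name is the real parameter; whichever one is undefined evaluates to null, and then either the check or the delete works on the wrong value. Use one name throughout, e.g. `$app->db->query($sql, $assigned_template_id, $client_id);` if the parameter is `$assigned_template_id`, and validate that same variable in the guard.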
@@ -350,8 +350,8 @@ class remoting_client extends remoting {
// for the update event we have to cheat a bit
$this->_set_client_formdata($client_id);
- $sql = "DELETE FROM `client_template_assigned` WHERE `assigned_template_id` = " . $template_id . " AND `client_id` = " . $client_id;
- $app->db->query($sql);
+ $sql = "DELETE FROM `client_template_assigned` WHERE `assigned_template_id` = ? AND `client_id` = ?";
+ $app->db->query($sql, $template_id, $client_id);
$affected_rows = $app->db->affectedRows();
$app->plugin->raiseEvent('client:client:on_after_update', $this);
@@ -395,15 +395,15 @@ class remoting_client extends remoting {
if($client_id > 0) {
//* remove the group of the client from the resellers group
$parent_client_id = $app->functions->intval($this->dataRecord['parent_client_id']);
- $parent_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE client_id = $parent_client_id");
- $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
+ $parent_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE client_id = ?", $parent_client_id);
+ $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
$app->auth->remove_group_from_user($parent_user['userid'], $client_group['groupid']);
//* delete the group of the client
- $app->db->query("DELETE FROM sys_group WHERE client_id = $client_id");
+ $app->db->query("DELETE FROM sys_group WHERE client_id = ?", $client_id);
//* delete the sys user(s) of the client
- $app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
+ $app->db->query("DELETE FROM sys_user WHERE client_id = ?", $client_id);
//* Delete all records (sub-clients, mail, web, etc....) of this client.
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
@@ -413,7 +413,7 @@ class remoting_client extends remoting {
if($client_group_id > 1) {
foreach($tables_array as $table) {
if($table != '') {
- $records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ".$client_group_id);
+ $records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ?", $client_group_id);
//* find the primary ID of the table
$table_info = $app->db->tableInfo($table);
$index_field = '';
@@ -428,11 +428,11 @@ class remoting_client extends remoting {
$app->db->datalogDelete($table, $index_field, $rec[$index_field]);
//* Delete traffic records that dont have a sys_groupid column
if($table == 'web_domain') {
- $app->db->query("DELETE FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."'");
+ $app->db->query("DELETE FROM web_traffic WHERE hostname = ?", $rec['domain']);
}
//* Delete mail_traffic records that dont have a sys_groupid
if($table == 'mail_user') {
- $app->db->query("DELETE FROM mail_traffic WHERE mailuser_id = '".$app->db->quote($rec['mailuser_id'])."'");
+ $app->db->query("DELETE FROM mail_traffic WHERE mailuser_id = ?", $rec['mailuser_id']);
}
}
}
@@ -468,8 +468,7 @@ class remoting_client extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $username = $app->db->quote($username);
- $rec = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = '".$username."'");
+ $rec = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE username = ?", $username);
if (isset($rec)) {
return $rec;
} else {
@@ -477,6 +476,27 @@ class remoting_client extends remoting {
return false;
}
}
+
+ public function client_get_by_customer_no($session_id, $customer_no) {
+ global $app;
+ if(!$this->checkPerm($session_id, 'client_get_by_customer_no')) {
+ throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $customer_no = trim($customer_no);
+ if($customer_no == '') {
+ throw new SoapFault('permission_denied', 'There was no customer number specified.');
+ return false;
+ }
+ $customer_no = $app->db->quote($customer_no);
+ $rec = $app->db->queryOneRecord("SELECT * FROM client WHERE customer_no = '".$customer_no."'");
+ if (isset($rec)) {
+ return $rec;
+ } else {
+ throw new SoapFault('no_client_found', 'There is no user account for this customer number.');
+ return false;
+ }
+ }
/**
* Get All client_id's from database
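Review bot: `client_get_by_customer_no` is new in this commit, yet it still builds its query with `$app->db->quote()` and string concatenation, unlike the other lookups converted in this file. Bind the value like the rest: `$rec = $app->db->queryOneRecord("SELECT * FROM client WHERE customer_no = ?", $customer_no);` and drop the `quote()` line. The empty-input branch raises `permission_denied`, which mislabels a validation error for API clients and in logs; a distinct fault code would be clearer. `SELECT *` also returns the whole client row to the remote caller, including the `password` column that this file updates elsewhere, so an explicit column list is worth considering.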
@@ -517,13 +537,12 @@ class remoting_client extends remoting {
return false;
}
$client_id = $app->functions->intval($client_id);
- $client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ".$client_id);
+ $client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ?", $client_id);
if($client['client_id'] > 0) {
- $new_password = $app->db->quote($new_password);
- $sql = "UPDATE client SET password = md5('".($new_password)."') WHERE client_id = ".$client_id;
- $app->db->query($sql);
- $sql = "UPDATE sys_user SET passwort = md5('".($new_password)."') WHERE client_id = ".$client_id;
- $app->db->query($sql);
+ $sql = "UPDATE client SET password = md5(?) WHERE client_id = ?";
+ $app->db->query($sql, $new_password, $client_id);
+ $sql = "UPDATE sys_user SET passwort = md5(?) WHERE client_id = ?";
+ $app->db->query($sql, $new_password, $client_id);
return true;
} else {
throw new SoapFault('no_client_found', 'There is no user account for this client_id');
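Review bot: The rewritten UPDATE statements still store the password as `md5(?)`, an unsalted fast hash, and they send the clear-text password to the database server, where it may end up in query logs. Consider hashing in PHP with a salted, slow scheme before binding, e.g. `$hash = password_hash($new_password, PASSWORD_DEFAULT);` followed by `SET password = ?`, provided the login check (outside this hunk) can verify that format. The function starts above and continues below the hunk.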
@@ -567,8 +586,8 @@ class remoting_client extends remoting {
}
//* Check failed logins
- $sql = "SELECT * FROM `attempts_login` WHERE `ip`= '".$app->db->quote($remote_ip)."' AND `login_time` > (NOW() - INTERVAL 1 MINUTE) LIMIT 1";
- $alreadyfailed = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM `attempts_login` WHERE `ip`= ? AND `login_time` > (NOW() - INTERVAL 1 MINUTE) LIMIT 1";
+ $alreadyfailed = $app->db->queryOneRecord($sql, $remote_ip);
//* too many failedlogins
if($alreadyfailed['times'] > 5) {
@@ -582,8 +601,8 @@ class remoting_client extends remoting {
if(strstr($username,'@')) {
// Check against client table
- $sql = "SELECT * FROM client WHERE email = '".$app->db->quote($username)."'";
- $user = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM client WHERE email = ?";
+ $user = $app->db->queryOneRecord($sql, $username);
if($user) {
$saved_password = stripslashes($user['password']);
@@ -614,8 +633,8 @@ class remoting_client extends remoting {
} else {
// Check against sys_user table
- $sql = "SELECT * FROM sys_user WHERE username = '".$app->db->quote($username)."'";
- $user = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM sys_user WHERE username = ?";
+ $user = $app->db->queryOneRecord($sql, $username);
if($user) {
$saved_password = stripslashes($user['passwort']);
@@ -649,15 +668,14 @@ class remoting_client extends remoting {
//* Log failed login attempts
if($user === false) {
- $time = time();
if(!$alreadyfailed['times'] ) {
//* user login the first time wrong
- $sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES ('".$app->db->quote($remote_ip)."', 1, NOW())";
- $app->db->query($sql);
+ $sql = "INSERT INTO `attempts_login` (`ip`, `times`, `login_time`) VALUES (?, 1, NOW())";
+ $app->db->query($sql, $remote_ip);
} elseif($alreadyfailed['times'] >= 1) {
//* update times wrong
- $sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `login_time` >= '".$time."' LIMIT 1";
- $app->db->query($sql);
+ $sql = "UPDATE `attempts_login` SET `times`=`times`+1, `login_time`=NOW() WHERE `ip` = ? AND `login_time` > (NOW() - INTERVAL 1 MINUTE) ORDER BY `login_time` DESC LIMIT 1";
+ $app->db->query($sql, $remote_ip);
}
}
diff --git a/interface/lib/classes/remote.d/dns.inc.php b/interface/lib/classes/remote.d/dns.inc.php
index 1e9526a12faf52db8bb00192e9655794021a886e..57f7040e28553377f1e34cf9b77dc178c557b98c 100644
--- a/interface/lib/classes/remote.d/dns.inc.php
+++ b/interface/lib/classes/remote.d/dns.inc.php
@@ -50,9 +50,9 @@ class remoting_dns extends remoting {
return false;
}
- $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ".$app->functions->intval($client_id));
+ $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ?", $client_id);
$server_id = $client["default_dnsserver"];
- $template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
+ $template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = ?", $template_id);
$fields = explode(',', $template_record['fields']);
$tform_def_file = "../../web/dns/form/dns_soa.tform.php";
$app->uses('tform');
@@ -95,11 +95,11 @@ class remoting_dns extends remoting {
if($section == 'dns_records') {
$parts = explode('|', $row);
$dns_rr[] = array(
- 'name' => $app->db->quote($parts[1]),
- 'type' => $app->db->quote($parts[0]),
- 'data' => $app->db->quote($parts[2]),
- 'aux' => $app->db->quote($parts[3]),
- 'ttl' => $app->db->quote($parts[4])
+ 'name' => $parts[1],
+ 'type' => $parts[0],
+ 'data' => $parts[2],
+ 'aux' => $parts[3],
+ 'ttl' => $parts[4]
);
}
}
@@ -117,30 +117,62 @@ class remoting_dns extends remoting {
if($error == '') {
// Insert the soa record
- $tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ".$app->functions->intval($client_id));
+ $tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ?", $client_id);
$sys_userid = $tmp['userid'];
$sys_groupid = $tmp['default_group'];
unset($tmp);
- $origin = $app->db->quote($vars['origin']);
- $ns = $app->db->quote($vars['ns']);
- $mbox = $app->db->quote(str_replace('@', '.', $vars['mbox']));
- $refresh = $app->db->quote($vars['refresh']);
- $retry = $app->db->quote($vars['retry']);
- $expire = $app->db->quote($vars['expire']);
- $minimum = $app->db->quote($vars['minimum']);
- $ttl = $app->db->quote($vars['ttl']);
- $xfer = $app->db->quote($vars['xfer']);
- $also_notify = $app->db->quote($vars['also_notify']);
- $update_acl = $app->db->quote($vars['update_acl']);
+ $origin = $vars['origin'];
+ $ns = $vars['ns'];
+ $mbox = str_replace('@', '.', $vars['mbox']);
+ $refresh = $vars['refresh'];
+ $retry = $vars['retry'];
+ $expire = $vars['expire'];
+ $minimum = $vars['minimum'];
+ $ttl = $vars['ttl'];
+ $xfer = $vars['xfer'];
+ $also_notify = $vars['also_notify'];
+ $update_acl = $vars['update_acl'];
$serial = $app->validate_dns->increase_serial(0);
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES
- ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')";
+ $insert_data = array(
+ "sys_userid" => $sys_userid,
+ "sys_groupid" => $sys_groupid,
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => 'riud',
+ "sys_perm_other" => '',
+ "server_id" => $server_id,
+ "origin" => $origin,
+ "ns" => $ns,
+ "mbox" => $mbox,
+ "serial" => $serial,
+ "refresh" => $refresh,
+ "retry" => $retry,
+ "expire" => $expire,
+ "minimum" => $minimum,
+ "ttl" => $ttl,
+ "active" => 'Y',
+ "xfer" => $xfer,
+ "also_notify" => $also_notify,
+ "update_acl" => $update_acl
+ );
$dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id');
// Insert the dns_rr records
if(is_array($dns_rr) && $dns_soa_id > 0) {
foreach($dns_rr as $rr) {
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
- ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
+ $insert_data = array(
+ "sys_userid" => $sys_userid,
+ "sys_groupid" => $sys_groupid,
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => 'riud',
+ "sys_perm_other" => '',
+ "server_id" => $server_id,
+ "zone" => $dns_soa_id,
+ "name" => $rr['name'],
+ "type" => $rr['type'],
+ "data" => $rr['data'],
+ "aux" => $rr['aux'],
+ "ttl" => $rr['ttl'],
+ "active" => 'Y'
+ );
$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
}
}
@@ -180,7 +212,7 @@ class remoting_dns extends remoting {
return false;
}
- $rec = $app->db->queryOneRecord("SELECT id FROM dns_soa WHERE origin like '".$origin."%'");
+ $rec = $app->db->queryOneRecord("SELECT id FROM dns_soa WHERE origin like ?", $origin."%");
if(isset($rec['id'])) {
return $app->functions->intval($rec['id']);
} else {
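Review bot: Binding `$origin."%"` removes the injection, but `%` and `_` inside `$origin` still act as LIKE wildcards, so the lookup can return the id of a zone the caller did not name. No validation of `$origin` is visible in this hunk, and the function starts above it. If a prefix match is intended, escape the wildcards before appending the suffix, e.g. `addcslashes($origin, '%_\\')."%"`; otherwise compare with `origin = ?`.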
@@ -764,8 +796,8 @@ class remoting_dns extends remoting {
if (!empty($client_id) && !empty($server_id)) {
$server_id = $app->functions->intval($server_id);
$client_id = $app->functions->intval($client_id);
- $sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id AND server_id = $server_id";
- $result = $app->db->queryAllRecords($sql);
+ $sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = ? AND server_id = ?";
+ $result = $app->db->queryAllRecords($sql, $client_id, $server_id);
return $result;
}
return false;
@@ -785,8 +817,8 @@ class remoting_dns extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sql = "SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($zone_id);;
- $result = $app->db->queryAllRecords($sql);
+ $sql = "SELECT * FROM dns_rr WHERE zone = ?";
+ $result = $app->db->queryAllRecords($sql, $zone_id);
return $result;
}
@@ -809,8 +841,8 @@ class remoting_dns extends remoting {
} else {
$status = 'N';
}
- $sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".$app->functions->intval($primary_id);
- $app->db->query($sql);
+ $sql = "UPDATE dns_soa SET active = ? WHERE id = ?";
+ $app->db->query($sql, $status, $primary_id);
$result = $app->db->affectedRows();
return $result;
} else {
diff --git a/interface/lib/classes/remote.d/domains.inc.php b/interface/lib/classes/remote.d/domains.inc.php
index 9bba710023f6d311b7a18673ba731e072d957c11..33830335d8989990cd1c4f4613ab290679763184 100644
--- a/interface/lib/classes/remote.d/domains.inc.php
+++ b/interface/lib/classes/remote.d/domains.inc.php
@@ -86,8 +86,8 @@ class remoting_domains extends remoting {
return false;
}
$group_id = $app->functions->intval($group_id);
- $sql = "SELECT domain_id, domain FROM domain WHERE sys_groupid = $group_id ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT domain_id, domain FROM domain WHERE sys_groupid = ?";
+ $all = $app->db->queryAllRecords($sql, $group_id);
return $all;
}
diff --git a/interface/lib/classes/remote.d/mail.inc.php b/interface/lib/classes/remote.d/mail.inc.php
index e579fb67ff7dec16757f6547bb2b815443c19926..914777070b9ccc15746ad3bf055adab488f308e1 100644
--- a/interface/lib/classes/remote.d/mail.inc.php
+++ b/interface/lib/classes/remote.d/mail.inc.php
@@ -208,7 +208,7 @@ class remoting_mail extends remoting {
//* Check if mail domain exists
$email_parts = explode('@', $params['email']);
- $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = ?", $email_parts[1]);
if($tmp['domain'] != $email_parts[1]) {
throw new SoapFault('mail_domain_does_not_exist', 'Mail domain - '.$email_parts[1].' - does not exist.');
return false;
@@ -235,7 +235,7 @@ class remoting_mail extends remoting {
//* Check if mail domain exists
$email_parts = explode('@', $params['email']);
- $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = ?", $email_parts[1]);
if($tmp['domain'] != $email_parts[1]) {
throw new SoapFault('mail_domain_does_not_exist', 'Mail domain - '.$email_parts[1].' - does not exist.');
return false;
@@ -309,6 +309,73 @@ class remoting_mail extends remoting {
// $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
return $affected_rows;
}
+
+ // Mail backup list function by Dominik Mller, info@profi-webdesign.net
+ public function mail_user_backup_list($session_id, $primary_id = null)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'mail_user_backup')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ $params = array();
+ if ($site_id != null) {
+ $params[] = $site_id;
+ $sql = "SELECT * FROM mail_backup WHERE parent_domain_id = ?";
+ }
+ else {
+ $sql = "SELECT * FROM mail_backup";
+ }
+
+ $result = $app->db->queryAllRecords($sql, true, $params);
+ return $result;
+ }
+
+ // Mail backup restore/download functions by Dominik Mller, info@profi-webdesign.net
+ public function mail_user_backup($session_id, $primary_id, $action_type)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'mail_user_backup')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ //*Set variables
+ $backup_record = $app->db->queryOneRecord("SELECT * FROM `mail_backup` WHERE `backup_id`=?", $primary_id);
+ $server_id = $backup_record['server_id'];
+
+ //*Set default action state
+ $action_state = "pending";
+ $tstamp = time();
+
+ //* Basic validation of variables
+ if ($server_id <= 0) {
+ $this->server->fault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
+ return false;
+ }
+
+ if (/*$action_type != 'backup_download_mail' and*/ $action_type != 'backup_restore_mail') {
+ $this->server->fault('invalid_action', "Invalid action_type $action_type");
+ return false;
+ }
+
+ //* Validate instance
+ $instance_record = $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`=? and `action_type`=? and `action_state`='pending'", $primary_id, $action_type);
+ if ($instance_record['action_id'] >= 1) {
+ $this->server->fault('duplicate_action', "There is already a pending $action_type action");
+ return false;
+ }
+
+ //* Save the record
+ if ($app->db->query("INSERT INTO `sys_remoteaction` SET `server_id` = ?, `tstamp` = ?, `action_type` = ?, `action_param` = ?, `action_state` = ?", $server_id, $tstamp, $action_type, $primary_id, $action_state)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
//* Get alias details
public function mail_alias_get($session_id, $primary_id)
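Review bot: `mail_user_backup_list` tests and binds `$site_id`, which is never defined; the parameter is `$primary_id`. The filter branch is therefore never taken, and every call returns all rows of `mail_backup` to any session holding the `mail_user_backup` permission. Use the parameter instead: `if ($primary_id != null) { $params[] = $primary_id;`. The call `queryAllRecords($sql, true, $params)` also differs from the `queryAllRecords($sql, $value)` form used elsewhere in this commit, so confirm against the db class that `true` is not bound to the placeholder. As far as this hunk shows, neither new function checks that the backup belongs to the caller's client.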
@@ -336,7 +403,7 @@ class remoting_mail extends remoting {
}
//* Check if there is no active mailbox with this address
- $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = ?", $params["source"]);
if($tmp['number'] > 0) {
throw new SoapFault('duplicate', 'There is already a mailbox with this email address.');
}
@@ -358,7 +425,7 @@ class remoting_mail extends remoting {
}
//* Check if there is no active mailbox with this address
- $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = ?", $params["source"]);
if($tmp['number'] > 0) {
throw new SoapFault('duplicate', 'There is already a mailbox with this email address.');
}
@@ -994,9 +1061,8 @@ class remoting_mail extends remoting {
return false;
}
if (!empty($domain)) {
- $domain = $app->db->quote($domain);
- $sql = "SELECT * FROM mail_domain WHERE domain = '$domain'";
- $result = $app->db->queryAllRecords($sql);
+ $sql = "SELECT * FROM mail_domain WHERE domain = ?";
+ $result = $app->db->queryAllRecords($sql, $domain);
return $result;
}
return false;
@@ -1014,8 +1080,8 @@ class remoting_mail extends remoting {
} else {
$status = 'n';
}
- $sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
- $app->db->query($sql);
+ $sql = "UPDATE mail_domain SET active = ? WHERE domain_id = ?";
+ $app->db->query($sql, $status, $primary_id);
$result = $app->db->affectedRows();
return $result;
} else {
diff --git a/interface/lib/classes/remote.d/openvz.inc.php b/interface/lib/classes/remote.d/openvz.inc.php
index 4a087ccbc7e2d2c3df231d943869211fccbee439..c427a1f749e3f7eecf6e85cf00722eb155dda51f 100644
--- a/interface/lib/classes/remote.d/openvz.inc.php
+++ b/interface/lib/classes/remote.d/openvz.inc.php
@@ -159,7 +159,7 @@ class remoting_openvz extends remoting {
$server_id = $app->functions->intval($server_id);
if($server_id > 0) {
- $tmp = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = $server_id LIMIT 0,1");
+ $tmp = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = ? LIMIT 0,1", $server_id);
} else {
$tmp = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 LIMIT 0,1");
}
@@ -229,9 +229,9 @@ class remoting_openvz extends remoting {
if (!empty($client_id)) {
$client_id = $app->functions->intval($client_id);
- $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
- $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ".$app->functions->intval($tmp['groupid']);
- $result = $app->db->queryAllRecords($sql);
+ $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
+ $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ?";
+ $result = $app->db->queryAllRecords($sql, $tmp['groupid']);
return $result;
}
return false;
@@ -272,23 +272,23 @@ class remoting_openvz extends remoting {
}
// Verify if template and ostemplate exist
- $tmp = $app->db->queryOneRecord("SELECT template_id FROM openvz_template WHERE template_id = $template_id");
+ $tmp = $app->db->queryOneRecord("SELECT template_id FROM openvz_template WHERE template_id = ?", $template_id);
if(!is_array($tmp)) {
throw new SoapFault('template_id_error', 'Template does not exist.');
return false;
}
- $tmp = $app->db->queryOneRecord("SELECT ostemplate_id FROM openvz_ostemplate WHERE ostemplate_id = $ostemplate_id");
+ $tmp = $app->db->queryOneRecord("SELECT ostemplate_id FROM openvz_ostemplate WHERE ostemplate_id = ?", $ostemplate_id);
if(!is_array($tmp)) {
throw new SoapFault('ostemplate_id_error', 'OSTemplate does not exist.');
return false;
}
//* Get the template
- $vtpl = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = $template_id");
+ $vtpl = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ?", $template_id);
//* Get the IP address and server_id
if($override_params['server_id'] > 0) {
- $vmip = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = ".$override_params['server_id']." LIMIT 0,1");
+ $vmip = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = ? LIMIT 0,1", $override_params['server_id']);
} else {
$vmip = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 LIMIT 0,1");
}
@@ -376,25 +376,18 @@ class remoting_openvz extends remoting {
$action = 'openvz_start_vm';
$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
- WHERE server_id = '".$vm['server_id']."'
- AND action_type = '$action'
- AND action_param = '".$vm['veid']."'
- AND action_state = 'pending'");
+ WHERE server_id = ?
+ AND action_type = ?
+ AND action_param = ?
+ AND action_state = 'pending'", $vm['server_id'], $action, $vm['veid']);
if($tmp['actions'] > 0) {
throw new SoapFault('action_pending', 'There is already a action pending for this VM.');
return false;
} else {
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$vm['server_id'] . ", ".
- time() . ", ".
- "'".$action."', ".
- $vm['veid'].", ".
- "'pending', ".
- "''".
- ")";
- $app->db->query($sql);
+ "VALUES (?, ?, ?, ?, 'pending', '')";
+ $app->db->query($sql, (int)$vm['server_id'], time(), $action, $vm['veid']);
}
}
@@ -425,25 +418,18 @@ class remoting_openvz extends remoting {
$action = 'openvz_stop_vm';
$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
- WHERE server_id = '".$vm['server_id']."'
- AND action_type = '$action'
- AND action_param = '".$vm['veid']."'
- AND action_state = 'pending'");
+ WHERE server_id = ?
+ AND action_type = ?
+ AND action_param = ?
+ AND action_state = 'pending'", $vm['server_id'], $action, $vm['veid']);
if($tmp['actions'] > 0) {
throw new SoapFault('action_pending', 'There is already a action pending for this VM.');
return false;
} else {
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$vm['server_id'] . ", ".
- time() . ", ".
- "'".$action."', ".
- $vm['veid'].", ".
- "'pending', ".
- "''".
- ")";
- $app->db->query($sql);
+ "VALUES (?, ?, ?, ?, 'pending', '')";
+ $app->db->query($sql, (int)$vm['server_id'], time(), $action, $vm['veid']);
}
}
@@ -474,25 +460,18 @@ class remoting_openvz extends remoting {
$action = 'openvz_restart_vm';
$tmp = $app->db->queryOneRecord("SELECT count(action_id) as actions FROM sys_remoteaction
- WHERE server_id = '".$vm['server_id']."'
- AND action_type = '$action'
- AND action_param = '".$vm['veid']."'
- AND action_state = 'pending'");
+ WHERE server_id = ?
+ AND action_type = ?
+ AND action_param = ?
+ AND action_state = 'pending'", $vm['server_id'], $action, $vm['veid']);
if($tmp['actions'] > 0) {
throw new SoapFault('action_pending', 'There is already a action pending for this VM.');
return false;
} else {
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- (int)$vm['server_id'] . ", ".
- time() . ", ".
- "'".$action."', ".
- $vm['veid'].", ".
- "'pending', ".
- "''".
- ")";
- $app->db->query($sql);
+ "VALUES (?, ?, ?, ?, 'pending', '')";
+ $app->db->query($sql, (int)$vm['server_id'], time(), $action, $vm['veid']);
}
}
diff --git a/interface/lib/classes/remote.d/server.inc.php b/interface/lib/classes/remote.d/server.inc.php
index 403530207151242fcef101c6052e507227bf1144..eb4a8b9846641d44865d345fa889b09cd2d6ef37 100644
--- a/interface/lib/classes/remote.d/server.inc.php
+++ b/interface/lib/classes/remote.d/server.inc.php
@@ -55,8 +55,8 @@ class remoting_server extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sql = "SELECT server_id FROM server_ip WHERE ip_address = '$ipaddress' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id FROM server_ip WHERE ip_address = ? LIMIT 1";
+ $all = $app->db->queryAllRecords($sql, $ipaddress);
return $all;
}
@@ -178,8 +178,8 @@ class remoting_server extends remoting {
return false;
}
if (!empty($session_id) && !empty($server_name)) {
- $sql = "SELECT server_id FROM server WHERE server_name = '$server_name' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id FROM server WHERE server_name = ? LIMIT 1";
+ $all = $app->db->queryAllRecords($sql, $server_name);
return $all;
} else {
return false;
@@ -200,8 +200,8 @@ class remoting_server extends remoting {
return false;
}
if (!empty($session_id) && !empty($server_id)) {
- $sql = "SELECT mail_server, web_server, dns_server, file_server, db_server, vserver_server, proxy_server, firewall_server FROM server WHERE server_id = '$server_id' LIMIT 1 ";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT mail_server, web_server, dns_server, file_server, db_server, vserver_server, proxy_server, firewall_server FROM server WHERE server_id = ? LIMIT 1 ";
+ $all = $app->db->queryAllRecords($sql, $server_id);
return $all;
} else {
return false;
diff --git a/interface/lib/classes/remote.d/sites.inc.php b/interface/lib/classes/remote.d/sites.inc.php
index 98c5bf63283e683e2167855bcac05f819c63b721..ad3f2e3046f96e3e84c5d2ba75b15f7d767d08aa 100644
--- a/interface/lib/classes/remote.d/sites.inc.php
+++ b/interface/lib/classes/remote.d/sites.inc.php
@@ -102,7 +102,8 @@ class remoting_sites extends remoting {
$app->remoting_lib->loadFormDef('../sites/form/database.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
-
+
+ /* TODO: secure queries! */
//* Add a record
public function sites_database_add($session_id, $client_id, $params)
{
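Review bot: The added `/* TODO: secure queries! */` does not say which queries are still unsafe, so the next maintainer cannot tell when it is done. The two `updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = "...)` calls further down in this file still build their SQL by concatenation and look like the intended target. A more specific comment would be `/* TODO: the UPDATE web_database statements passed to updateQueryExecute() are still concatenated; convert backup_interval/backup_copies to placeholders */`. The body of sites_database_add continues outside this hunk.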
@@ -114,7 +115,7 @@ class remoting_sites extends remoting {
}
//* Check for duplicates
- $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '".$app->db->quote($params['database_name'])."' AND server_id = '".intval($params["server_id"])."'");
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = ? AND server_id = ?", $params['database_name'], $params["server_id"]);
if($tmp['dbnum'] > 0) {
throw new SoapFault('database_name_error_unique', 'There is already a database with that name on the same server.');
return false;
@@ -135,7 +136,6 @@ class remoting_sites extends remoting {
$sql_set = array();
if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
- //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params);
}
@@ -169,7 +169,6 @@ class remoting_sites extends remoting {
$sql_set = array();
if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'";
if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']);
- //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id);
$this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params);
}
@@ -239,7 +238,7 @@ class remoting_sites extends remoting {
$new_rec = $app->remoting_lib->getDataRecord($primary_id);
- $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = ? UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = ?", $primary_id, $primary_id);
foreach($records as $rec) {
$tmp_rec = $new_rec;
$tmp_rec['server_id'] = $rec['server_id'];
@@ -265,14 +264,14 @@ class remoting_sites extends remoting {
$app->db->datalogDelete('web_database_user', 'database_user_id', $primary_id);
$affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php', $primary_id);
- $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = ?", $primary_id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', 'database_user_id=NULL', 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', array('database_user_id' => null), 'database_id', $rec['database_id']);
}
- $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = ?", $primary_id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', 'database_ro_user_id=NULL', 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', array('database_ro_user_id' => null), 'database_id', $rec['database_id']);
}
return $affected_rows;
@@ -336,7 +335,7 @@ class remoting_sites extends remoting {
return false;
}
- $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = '".$app->db->quote($ftp_user)."'");
+ $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = ?", $ftp_user);
//file_put_contents('/tmp/test.txt', serialize($data));
if(!isset($data['server_id'])) return false;
@@ -406,7 +405,7 @@ class remoting_sites extends remoting {
return false;
}
$app->uses('remoting_lib');
- $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php');
+ $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
@@ -420,7 +419,7 @@ class remoting_sites extends remoting {
}
if(!isset($params['client_group_id']) or (isset($params['client_group_id']) && empty($params['client_group_id']))) {
- $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client_id));
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
$params['client_group_id'] = $rec['groupid'];
}
@@ -435,9 +434,9 @@ class remoting_sites extends remoting {
if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
- $domain_id = $this->insertQuery('../sites/form/web_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert');
+ $domain_id = $this->insertQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert');
if ($readonly === true)
- $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ".$domain_id);
+ $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ?", $domain_id);
return $domain_id;
}
@@ -455,7 +454,7 @@ class remoting_sites extends remoting {
if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1;
if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1;
- $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', $client_id, $primary_id, $params);
+ $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $primary_id, $params);
return $affected_rows;
}
@@ -466,7 +465,7 @@ class remoting_sites extends remoting {
throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->deleteQuery('../sites/form/web_domain.tform.php', $primary_id);
+ $affected_rows = $this->deleteQuery('../sites/form/web_vhost_domain.tform.php', $primary_id);
return $affected_rows;
}
@@ -751,7 +750,7 @@ class remoting_sites extends remoting {
}
// Delete all users that belong to this folder. - taken from web_folder_delete.php
- $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".$app->functions->intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = ?", $primary_id);
foreach($records as $rec) {
$this->deleteQuery('../sites/form/web_folder_user.tform.php', $rec['web_folder_user_id']);
//$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
@@ -865,11 +864,11 @@ class remoting_sites extends remoting {
} else {
$status = 'n';
}
- $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php');
+ $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php');
$params = $app->remoting_lib->getDataRecord($primary_id);
$params['active'] = $status;
- $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', 0, $primary_id, $params);
+ $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', 0, $primary_id, $params);
return $affected_rows;
} else {
throw new SoapFault('status_undefined', 'The status is not available');
@@ -889,8 +888,8 @@ class remoting_sites extends remoting {
return false;
}
$client_id = $app->functions->intval($client_id);
- $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
- $all = $app->db->queryAllRecords($sql);
+ $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = ?";
+ $all = $app->db->queryAllRecords($sql, $client_id);
return $all;
}
@@ -904,7 +903,7 @@ class remoting_sites extends remoting {
return false;
}
- $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $app->functions->intval($site_id));
+ $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $site_id);
return $result;
}
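Review bot: When `$site_id` is null, 0 or an empty string, the loose `!= null` test drops the WHERE clause and the call returns every row of `web_backup`, yet `$site_id` is still passed as a bound value although the SQL then has no placeholder. How the db class treats a surplus parameter is not visible here, so it is safer to pass the argument only when the clause is present. If an unfiltered listing is intended only for an explicit null, use `$site_id !== null` and split the two calls, e.g. `$result = ($site_id !== null) ? $app->db->queryAllRecords("SELECT * FROM web_backup WHERE parent_domain_id = ?", $site_id) : $app->db->queryAllRecords("SELECT * FROM web_backup");`. The method starts outside this hunk.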
@@ -966,6 +965,34 @@ class remoting_sites extends remoting {
return $app->quota_lib->get_quota_data($client_id, false);
}
+ public function trafficquota_get_by_user($session_id, $client_id, $lastdays = 0)
+ {
+ global $app;
+ $app->uses('quota_lib');
+
+ if(!$this->checkPerm($session_id, 'trafficquota_get_by_user')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ if ($client_id != null)
+ $client_id = $app->functions->intval($client_id);
+
+ return $app->quota_lib->get_trafficquota_data($client_id, $lastdays);
+ }
+
+ public function databasequota_get_by_user($session_id, $client_id)
+ {
+ global $app;
+ $app->uses('quota_lib');
+
+ if(!$this->checkPerm($session_id, 'databasequota_get_by_user')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ return $app->quota_lib->get_databasequota_data($client_id, false);
+ }
+
}
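Review bot: The two new methods report a failed permission check with `$this->server->fault(...)`, while the other methods of this class visible in the diff use `throw new SoapFault(...)`. Unless `$this->server` is guaranteed to be set, `throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');` keeps the error path consistent. `databasequota_get_by_user` also hands `$client_id` to the quota library unmodified, whereas `trafficquota_get_by_user` passes it through `$app->functions->intval()`, and `$lastdays` is forwarded unchecked. Both are API-supplied values and would be better normalised the same way, e.g. `$lastdays = $app->functions->intval($lastdays);`. A short docblock on each method naming the parameters and the returned quota data would also help, since neither has one.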
diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index f42d22b070c655daa835c69659e65b365c163a8e..204aebb15c08e7c33e7f86c0c992de474959009a 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -90,15 +90,12 @@ class remoting {
}
//* Delete old remoting sessions
- $sql = "DELETE FROM remote_session WHERE tstamp < ".time();
+ $sql = "DELETE FROM remote_session WHERE tstamp < UNIX_TIMSTAMP()";
$app->db->query($sql);
- $username = $app->db->quote($username);
- $password = $app->db->quote($password);
-
if($client_login == true) {
- $sql = "SELECT * FROM sys_user WHERE USERNAME = '$username'";
- $user = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM sys_user WHERE USERNAME = ?";
+ $user = $app->db->queryOneRecord($sql, $username);
if($user) {
$saved_password = stripslashes($user['passwort']);
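Review bot: `UNIX_TIMSTAMP()` in the new DELETE is misspelled; MySQL's function is `UNIX_TIMESTAMP()`, so the statement should fail instead of purging expired sessions. The line should read `$sql = "DELETE FROM remote_session WHERE tstamp < UNIX_TIMESTAMP()";`. The same typo appears in the later `UPDATE client SET created_at = UNIX_TIMSTAMP()` hunk and in the session lookup `... AND tstamp >= UNIX_TIMSTAMP()`, where a failing query would presumably make every session check fail. Moving from PHP `time()` to the database clock also assumes both clocks agree, because `tstamp` is still written from `time() + $this->session_timeout`. The login function starts and ends outside this hunk.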
@@ -127,7 +124,7 @@ class remoting {
}
// now we need the client data
- $client = $app->db->queryOneRecord("SELECT client.can_use_api FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = " . $app->functions->intval($user['default_group']));
+ $client = $app->db->queryOneRecord("SELECT client.can_use_api FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $user['default_group']);
if(!$client || $client['can_use_api'] != 'y') {
throw new SoapFault('client_login_failed', 'The login failed. Client may not use api.');
return false;
@@ -140,13 +137,12 @@ class remoting {
$remote_functions = '';
$tstamp = time() + $this->session_timeout;
$sql = 'INSERT INTO remote_session (remote_session,remote_userid,remote_functions,client_login,tstamp'
- .') VALUES ('
- ." '$remote_session',$remote_userid,'$remote_functions',1,$tstamp)";
- $app->db->query($sql);
+ .') VALUES (?, ?, ?, 1, $tstamp)';
+ $app->db->query($sql, $remote_session,$remote_userid,$remote_functions,$tstamp);
return $remote_session;
} else {
- $sql = "SELECT * FROM remote_user WHERE remote_username = '$username' and remote_password = md5('$password')";
- $remote_user = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM remote_user WHERE remote_username = ? and remote_password = md5(?)";
+ $remote_user = $app->db->queryOneRecord($sql, $username, $password);
if($remote_user['remote_userid'] > 0) {
//* Create a remote user session
//srand ((double)microtime()*1000000);
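Review bot: In the client-login INSERT, `$tstamp` sits inside a single-quoted string, so PHP does not interpolate it and the SQL receives the literal text `$tstamp`, while four values are passed for three placeholders. The line should be `.') VALUES (?, ?, ?, 1, ?)';`, matching the remote-user INSERT in the next hunk. Separately, the `remote_password = md5(?)` lookup kept by this hunk relies on an unsalted MD5 digest; moving `remote_user` to `password_hash()` / `password_verify()` would be a worthwhile follow-up. The login function starts and ends outside this hunk.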
@@ -155,9 +151,8 @@ class remoting {
$remote_functions = $remote_user['remote_functions'];
$tstamp = time() + $this->session_timeout;
$sql = 'INSERT INTO remote_session (remote_session,remote_userid,remote_functions,tstamp'
- .') VALUES ('
- ." '$remote_session',$remote_userid,'$remote_functions',$tstamp)";
- $app->db->query($sql);
+ .') VALUES (?, ?, ?, ?)';
+ $app->db->query($sql, $remote_session,$remote_userid,$remote_functions,$tstamp);
return $remote_session;
} else {
throw new SoapFault('login_failed', 'The login failed. Username or password wrong.');
@@ -177,10 +172,8 @@ class remoting {
return false;
}
- $session_id = $app->db->quote($session_id);
-
- $sql = "DELETE FROM remote_session WHERE remote_session = '$session_id'";
- if($app->db->query($sql) != false) {
+ $sql = "DELETE FROM remote_session WHERE remote_session = ?";
+ if($app->db->query($sql, $session_id) != false) {
return true;
} else {
return false;
@@ -203,8 +196,8 @@ class remoting {
$sql = $app->remoting_lib->getSQL($params, 'INSERT', 0);
//* Check if no system user with that username exists
- $username = $app->db->quote($params["username"]);
- $tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = '$username'");
+ $username = $params["username"];
+ $tmp = $app->db->queryOneRecord("SELECT count(userid) as number FROM sys_user WHERE username = ?", $username);
if($tmp['number'] > 0) $app->remoting_lib->errorMessage .= "Duplicate username ";
//* Stop on error while preparing the sql query
@@ -238,7 +231,7 @@ class remoting {
/* copied from the client_edit php */
exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""');
- $app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa'))."', ssh_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa.pub'))."' WHERE client_id = ".$this->id);
+ $app->db->query("UPDATE client SET created_at = UNIX_TIMSTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", @file_get_contents('/tmp/id_rsa'), @file_get_contents('/tmp/id_rsa.pub'), $this->id);
exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub');
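Review bot: `$username` is concatenated into the `ssh-keygen` command line without shell escaping. Assuming it is the `$username = $params["username"]` assigned in the earlier hunk, it now reaches `exec()` exactly as the API caller supplied it, and SQL placeholders do nothing for this sink. Wrap the comment argument: `exec('ssh-keygen -t rsa -C '.escapeshellarg($username.'-rsa-key-'.time()).' -f /tmp/id_rsa -N ""');`. The fixed `/tmp/id_rsa` path is also shared between concurrent requests and leaves the private key in a shared directory until the `rm`; a per-request directory with restrictive permissions avoids both problems. The `@file_get_contents()` results are bound without a check, so a failed key generation would store `false` silently.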
@@ -251,10 +244,10 @@ class remoting {
$app->remoting_lib->ispconfig_sysuser_add($params, $insert_id);
if($reseller_id) {
- $client_group = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ".$insert_id);
- $reseller_user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ".$reseller_id);
+ $client_group = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $insert_id);
+ $reseller_user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ?", $reseller_id);
$app->auth->add_group_to_user($reseller_user['userid'], $client_group['groupid']);
- $app->db->query("UPDATE client SET parent_client_id = ".$reseller_id." WHERE client_id = ".$insert_id);
+ $app->db->query("UPDATE client SET parent_client_id = ? WHERE client_id = ?", $reseller_id, $insert_id);
}
}
@@ -347,6 +340,7 @@ class remoting {
//* Get the SQL query
$sql = $app->remoting_lib->getSQL($params, 'UPDATE', $primary_id);
+
// throw new SoapFault('debug', $sql);
if($app->remoting_lib->errorMessage != '') {
throw new SoapFault('data_processing_error', $app->remoting_lib->errorMessage);
@@ -473,11 +467,8 @@ class remoting {
return false;
}
- $session_id = $app->db->quote($session_id);
-
- $now = time();
- $sql = "SELECT * FROM remote_session WHERE remote_session = '$session_id' AND tstamp >= $now";
- $session = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM remote_session WHERE remote_session = ? AND tstamp >= UNIX_TIMSTAMP()";
+ $session = $app->db->queryOneRecord($sql, $session_id);
if($session['remote_userid'] > 0) {
return $session;
} else {
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index d85612b6473596d4b331c30e0ca5b5601066b038..9ee3ca547c2d11cf0e9b89f7cbaac4251435f071 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -110,7 +110,7 @@ class remoting_lib extends tform_base {
if(isset($_SESSION['client_login']) && isset($_SESSION['client_sys_userid']) && $_SESSION['client_login'] == 1) {
$client_sys_userid = $app->functions->intval($_SESSION['client_sys_userid']);
- $client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_user, client WHERE sys_user.client_id = client.client_id and sys_user.userid = " . $client_sys_userid);
+ $client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_user, client WHERE sys_user.client_id = client.client_id and sys_user.userid = ?", $client_sys_userid);
$this->client_id = $client['client_id'];
$client_login = true;
@@ -125,23 +125,11 @@ class remoting_lib extends tform_base {
$this->sys_groups = 1;
$_SESSION["s"]["user"]["typ"] = 'admin';
} else {
- //* load system user - try with sysuser and before with userid (workarrond)
- /*
- $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE sysuser_id = $client_id");
- if(empty($user["userid"])) {
- $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = $client_id");
- if(empty($user["userid"])) {
- $this->errorMessage .= "No sysuser with the ID $client_id found.";
- return false;
- }
- }*/
-
- $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = $this->client_id");
+ $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE client_id = ?", $this->client_id);
$this->sys_username = $user['username'];
$this->sys_userid = $user['userid'];
$this->sys_default_group = $user['default_group'];
$this->sys_groups = $user['groups'];
- // $_SESSION["s"]["user"]["typ"] = $user['typ'];
// we have to force admin priveliges for the remoting API as some function calls might fail otherwise.
if($client_login == false) $_SESSION["s"]["user"]["typ"] = 'admin';
}
@@ -186,12 +174,11 @@ class remoting_lib extends tform_base {
/**
* Rewrite the record data to be stored in the database
* and check values with regular expressions.
- * dummy parameter is only there for compatibility with params of base class
*
* @param record = Datensatz als Array
* @return record
*/
- function encode($record, $dbencode = true, $dummy = '') {
+ function encode($record, $tab = '', $dbencode = true) {
$new_record = $this->_encode($record, '', $dbencode, true);
if(isset($record['_ispconfig_pw_crypted'])) $new_record['_ispconfig_pw_crypted'] = $record['_ispconfig_pw_crypted']; // this one is not in form definitions!
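Review bot: The new signature `encode($record, $tab = '', $dbencode = true)` moves `$dbencode` from the second to the third position, so any caller still written as `encode($record, false)` would now set `$tab` and silently run with `$dbencode = true`. Call sites are outside this hunk and should be checked. `$tab` is also accepted but not used, since the body still calls `$this->_encode($record, '', $dbencode, true)`. The docblock should say so and document all three parameters in English, for example `@param array $record record data`, `@param string $tab unused, kept for compatibility with the base class signature`, `@param bool $dbencode passed through to _encode()`.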
@@ -240,8 +227,8 @@ class remoting_lib extends tform_base {
return parent::getDataRecord($primary_id);
} elseif($primary_id == -1) {
// Return a array with all records
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape;
- return $app->db->queryAllRecords($sql);
+ $sql = "SELECT * FROM ??";
+ return $app->db->queryAllRecords($sql, $this->formDef['db_table']);
} else {
throw new SoapFault('invalid_id', 'The ID has to be > 0 or -1.');
return array();
@@ -251,22 +238,23 @@ class remoting_lib extends tform_base {
$sql_offset = 0;
$sql_limit = 0;
$sql_where = '';
+ $params = array($this->formDef['db_table']);
foreach($primary_id as $key => $val) {
- $key = $app->db->quote($key);
- $val = $app->db->quote($val);
if($key == '#OFFSET#') $sql_offset = $app->functions->intval($val);
elseif($key == '#LIMIT#') $sql_limit = $app->functions->intval($val);
elseif(stristr($val, '%')) {
- $sql_where .= "$key like '$val' AND ";
+ $sql_where .= "? like ? AND ";
} else {
- $sql_where .= "$key = '$val' AND ";
+ $sql_where .= "? = ? AND ";
}
+ $params[] = $key;
+ $params[] = $val;
}
$sql_where = substr($sql_where, 0, -5);
if($sql_where == '') $sql_where = '1';
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where. " AND " . $this->getAuthSQL('r', $this->formDef['db_table']);
+ $sql = "SELECT * FROM ?? WHERE ".$sql_where. " AND " . $this->getAuthSQL('r', $this->formDef['db_table']);
if($sql_offset >= 0 && $sql_limit > 0) $sql .= ' LIMIT ' . $sql_offset . ',' . $sql_limit;
- return $app->db->queryAllRecords($sql);
+ return $app->db->queryAllRecords($sql, true, $params);
} else {
$this->errorMessage = 'The ID must be either an integer or an array.';
return array();
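Review bot: In the array branch the column name is bound with the value placeholder (`"? = ? AND "`), so the key would be sent as a quoted string and the condition would compare two literals instead of a column with a value. It should use the identifier placeholder `??` that the same hunk uses for the table name. `$params[] = $key; $params[] = $val;` also runs for the `#OFFSET#` and `#LIMIT#` entries, which add no placeholders, so the bound values shift out of step with the SQL whenever either is supplied. The keys come from the caller-supplied `$primary_id` array; whether `??` restricts them to valid column names is not visible here, so checking each key against the form definition's fields before use would be a sound addition. The enclosing method starts outside this hunk.
```php
foreach($primary_id as $key => $val) {
	// … unchanged: the #OFFSET# and #LIMIT# branches …
	else {
		// column name goes through the identifier placeholder, the value through the value placeholder
		$sql_where .= stristr($val, '%') ? "?? like ? AND " : "?? = ? AND ";
		// only push parameters for entries that actually added placeholders
		$params[] = $key;
		$params[] = $val;
	}
}
// … unchanged: trimming of $sql_where, auth clause, LIMIT and the queryAllRecords call …
```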
@@ -275,12 +263,12 @@ class remoting_lib extends tform_base {
function ispconfig_sysuser_add($params, $insert_id){
global $conf, $app, $sql1;
- $username = $app->db->quote($params["username"]);
- $password = $app->db->quote($params["password"]);
+ $username = $params["username"];
+ $password = $params["password"];
if(!isset($params['modules'])) {
$modules = $conf['interface_modules_enabled'];
} else {
- $modules = $app->db->quote($params['modules']);
+ $modules = $params['modules'];
}
if(isset($params['limit_client']) && $params['limit_client'] > 0) {
$modules .= ',client';
@@ -289,44 +277,51 @@ class remoting_lib extends tform_base {
if(!isset($params['startmodule'])) {
$startmodule = 'dashboard';
} else {
- $startmodule = $app->db->quote($params["startmodule"]);
+ $startmodule = $params["startmodule"];
if(!preg_match('/'.$startmodule.'/', $modules)) {
$_modules = explode(',', $modules);
$startmodule=$_modules[0];
}
}
- $usertheme = $app->db->quote($params["usertheme"]);
+ $usertheme = $params["usertheme"];
$type = 'user';
$active = 1;
$insert_id = $app->functions->intval($insert_id);
- $language = $app->db->quote($params["language"]);
- $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
+ $language = $params["language"];
+ $groupid = $app->db->datalogInsert('sys_group', array("name" => $username, "description" => "", "client_id" => $insert_id), 'groupid');
$groups = $groupid;
if(!isset($params['_ispconfig_pw_crypted']) || $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($password));
$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
- VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
- $app->db->query($sql1);
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
+ $app->db->query($sql1, $username,$password,$modules,$startmodule,$usertheme,$type,$active,$language,$groups,$groupid,$insert_id);
}
function ispconfig_sysuser_update($params, $client_id){
global $app;
- $username = $app->db->quote($params["username"]);
- $clear_password = $app->db->quote($params["password"]);
+ $username = $params["username"];
+ $clear_password = $params["password"];
$client_id = $app->functions->intval($client_id);
if(!isset($params['_ispconfig_pw_crypted']) || $params['_ispconfig_pw_crypted'] != 1) $password = $app->auth->crypt_password(stripslashes($clear_password));
else $password = $clear_password;
- if ($clear_password) $pwstring = ", passwort = '$password'"; else $pwstring ="" ;
- $sql = "UPDATE sys_user set username = '$username' $pwstring WHERE client_id = $client_id";
- $app->db->query($sql);
+ $params = array($username);
+ if ($clear_password) {
+ $pwstring = ", passwort = ?";
+ $params[] = $password;
+ } else {
+ $pwstring ="" ;
+ }
+ $params[] = $client_id;
+ $sql = "UPDATE sys_user set username = ? $pwstring WHERE client_id = ?";
+ $app->db->query($sql, true, $params);
}
function ispconfig_sysuser_delete($client_id){
global $app;
$client_id = $app->functions->intval($client_id);
- $sql = "DELETE FROM sys_user WHERE client_id = $client_id";
- $app->db->query($sql);
- $sql = "DELETE FROM sys_group WHERE client_id = $client_id";
- $app->db->query($sql);
+ $sql = "DELETE FROM sys_user WHERE client_id = ?";
+ $app->db->query($sql, $client_id);
+ $sql = "DELETE FROM sys_group WHERE client_id = ?";
+ $app->db->query($sql, $client_id);
}
}
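Review bot: `stripslashes($password)` in ispconfig_sysuser_add and `stripslashes($clear_password)` in ispconfig_sysuser_update presumably existed to undo the backslashes added by `$app->db->quote()`. With the quote calls removed, they now strip backslashes that belong to the password itself, so the stored hash would no longer match what the user chose. Drop the calls: `$password = $app->auth->crypt_password($password);` and `$password = $app->auth->crypt_password($clear_password);`. In ispconfig_sysuser_add, `preg_match('/'.$startmodule.'/', $modules)` also places a caller-supplied value into a pattern unescaped. If the intent is a membership test, `in_array($startmodule, explode(',', $modules), true)` expresses it without a regex; otherwise wrap the value in `preg_quote($startmodule, '/')`.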
diff --git a/interface/lib/classes/searchform.inc.php b/interface/lib/classes/searchform.inc.php
index cfa8f283601324f93861de938454d8b5cc635279..0a290c1d699bcae630af474c76190d92f5ec1d42 100644
--- a/interface/lib/classes/searchform.inc.php
+++ b/interface/lib/classes/searchform.inc.php
@@ -177,7 +177,7 @@ class searchform {
if($this->searchChanged == 1) $_SESSION['search'][$list_name]['page'] = 0;
$sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
- $record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
+ $record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM ?? WHERE $sql_where", $table);
$pages = $app->functions->intval(($record_count['anzahl'] - 1) / $records_per_page);
$vars['list_file'] = $this->listDef['file'];
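Review bot: Only the table name was moved to a placeholder here; `$sql_where` is still interpolated into the statement. It is built outside this hunk, so whether its values are escaped cannot be confirmed from these lines. Because the string now passes through the placeholder parser, a literal `?` inside `$sql_where` (for example from a search term) may be taken as a placeholder, which is worth verifying against the db class. Until the WHERE builder is converted, a comment would record the assumption: `// NOTE: $sql_where is concatenated; it must contain escaped values only and no literal '?'`.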
@@ -247,7 +247,7 @@ class searchform {
$list_name = $this->listDef['name'];
$settings = $_SESSION['search'][$list_name];
unset($settings['page']);
- $data = $app->db->quote(serialize($settings));
+ $data = serialize($settings);
$userid = $_SESSION['s']['user']['userid'];
$groupid = $_SESSION['s']['user']['default_group'];
@@ -260,9 +260,8 @@ class searchform {
$sql = 'INSERT INTO `searchform` ( '
.'`sys_userid` , `sys_groupid` , `sys_perm_user` , `sys_perm_group` , `sys_perm_other` , `module` , `searchform` , `title` , `data` '
- .')VALUES ('
- ."'$userid', '$groupid', '$sys_perm_user', '$sys_perm_group', '$sys_perm_other', '$module', '$searchform', '$title', '$data')";
- $app->db->query($sql);
+ .')VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)';
+ $app->db->query($sql, $userid, $groupid, $sys_perm_user, $sys_perm_group, $sys_perm_other, $module, $searchform, $title, $data);
}
public function decode($record)
@@ -303,6 +302,7 @@ class searchform {
return $record;
}
+ /* TODO: check for double quoting mysql value */
public function encode($record)
{
global $app;
diff --git a/interface/lib/classes/session.inc.php b/interface/lib/classes/session.inc.php
index 8b3a7cffc4b530136d472cbe4b7510a5cfbc3df8..bef2a1037838b2c3253c771b3b5d280b21ad49b9 100644
--- a/interface/lib/classes/session.inc.php
+++ b/interface/lib/classes/session.inc.php
@@ -66,9 +66,9 @@ class session {
function read ($session_id) {
if($this->timeout > 0) {
- $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND (`permanent` = 'y' OR last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE))");
+ $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = ? AND (`permanent` = 'y' OR last_updated >= DATE_SUB(NOW(), INTERVAL ? MINUTE))", $session_id, $this->timeout);
} else {
- $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'");
+ $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = ?", $session_id);
}
if (is_array($rec)) {
@@ -87,23 +87,18 @@ class session {
// Dont write session_data to DB if session data has not been changed after reading it.
if(isset($this->session_array['session_data']) && $this->session_array['session_data'] != '' && $this->session_array['session_data'] == $session_data) {
- $session_id = $this->db->quote($session_id);
- $this->db->query("UPDATE sys_session SET last_updated = NOW() WHERE session_id = '$session_id'");
+ $this->db->query("UPDATE sys_session SET last_updated = NOW() WHERE session_id = ?", $session_id);
return true;
}
if (@$this->session_array['session_id'] == '') {
- $session_id = $this->db->quote($session_id);
- $session_data = $this->db->quote($session_data);
- $sql = "REPLACE INTO sys_session (session_id,date_created,last_updated,session_data,permanent) VALUES ('$session_id',NOW(),NOW(),'$session_data','" . ($this->permanent ? 'y' : 'n') . "')";
- $this->db->query($sql);
+ $sql = "REPLACE INTO sys_session (session_id,date_created,last_updated,session_data,permanent) VALUES (?,NOW(),NOW(),'$session_data',?)";
+ $this->db->query($sql, $session_id, ($this->permanent ? 'y' : 'n'));
} else {
- $session_id = $this->db->quote($session_id);
- $session_data = $this->db->quote($session_data);
- $sql = "UPDATE sys_session SET last_updated = NOW(), session_data = '$session_data'" . ($this->permanent ? ", `permanent` = 'y'" : "") . " WHERE session_id = '$session_id'";
- $this->db->query($sql);
+ $sql = "UPDATE sys_session SET last_updated = NOW(), session_data = ?" . ($this->permanent ? ", `permanent` = 'y'" : "") . " WHERE session_id = ?";
+ $this->db->query($sql, $session_data, $session_id);
}
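Review bot: The new `REPLACE INTO sys_session` statement still interpolates `'$session_data'` into the SQL string, but the `$this->db->quote($session_data)` call that escaped it was removed, so session content containing a quote now breaks or alters the statement. Bind it the way the UPDATE branch just below does: `VALUES (?,NOW(),NOW(),?,?)` with `$this->db->query($sql, $session_id, $session_data, ($this->permanent ? 'y' : 'n'));`. Binding also keeps a literal `?` inside the session data from being treated as a placeholder, if the wrapper scans the whole string. The enclosing write function starts and ends outside this hunk.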
@@ -112,25 +107,20 @@ class session {
function destroy ($session_id) {
- $session_id = $this->db->quote($session_id);
- $sql = "DELETE FROM sys_session WHERE session_id = '$session_id'";
- $this->db->query($sql);
+ $sql = "DELETE FROM sys_session WHERE session_id = ?";
+ $this->db->query($sql, $session_id);
return true;
}
function gc ($max_lifetime) {
- /*if($this->timeout > 0) {
- $this->db->query("DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)");
- } else {*/
- $sql = "DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL " . intval($max_lifetime) . " SECOND) AND `permanent` != 'y'";
- $this->db->query($sql);
+ $sql = "DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL ? SECOND) AND `permanent` != 'y'";
+ $this->db->query($sql, intval($max_lifetime));
- /* delete very old even if they are permanent */
- $sql = "DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL 1 YEAR)";
- $this->db->query($sql);
- //}
+ /* delete very old even if they are permanent */
+ $sql = "DELETE FROM sys_session WHERE last_updated < DATE_SUB(NOW(), INTERVAL 1 YEAR)";
+ $this->db->query($sql);
return true;
diff --git a/interface/lib/classes/sites_database_plugin.inc.php b/interface/lib/classes/sites_database_plugin.inc.php
index bf53c61fadbc5d6494a99da32ff3943b7244ceff..89cb7ce9c278a649d610a2a8ef4891cafbb47ebd 100644
--- a/interface/lib/classes/sites_database_plugin.inc.php
+++ b/interface/lib/classes/sites_database_plugin.inc.php
@@ -40,15 +40,15 @@ class sites_database_plugin {
global $app;
if($form_page->dataRecord["parent_domain_id"] > 0) {
- $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($form_page->dataRecord["parent_domain_id"]));
+ $web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $form_page->dataRecord["parent_domain_id"]);
//* The Database user shall be owned by the same group then the website
$sys_groupid = $app->functions->intval($web['sys_groupid']);
- $backup_interval = $app->db->quote($web['backup_interval']);
+ $backup_interval = $web['backup_interval'];
$backup_copies = $app->functions->intval($web['backup_copies']);
- $sql = "UPDATE web_database SET sys_groupid = '$sys_groupid', backup_interval = '$backup_interval', backup_copies = '$backup_copies' WHERE database_id = ".$form_page->id;
- $app->db->query($sql);
+ $sql = "UPDATE web_database SET sys_groupid = ?, backup_interval = ?, backup_copies = ? WHERE database_id = ?";
+ $app->db->query($sql, $sys_groupid, $backup_interval, $backup_copies, $form_page->id);
}
}
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 7912f537dc78bb762ba11650ab2cd7b3ad2638f9..1376d7ded94c90f13204dff3fce85346d1e6e4e0 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -79,8 +79,8 @@ class tform extends tform_base {
$escape = '`';
}
- $sql = "SELECT ".$this->formDef['db_table_idx']." FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$record_id." AND ".$this->getAuthSQL($perm);
- if($record = $app->db->queryOneRecord($sql)) {
+ $sql = "SELECT ?? FROM ?? WHERE ?? = ? AND ".$this->getAuthSQL($perm);
+ if($record = $app->db->queryOneRecord($sql, $this->formDef['db_table_idx'], $this->formDef['db_table'], $this->formDef['db_table_idx'], $record_id)) {
return true;
} else {
return false;
@@ -133,8 +133,8 @@ class tform extends tform_base {
$escape = '`';
}
- $sql = "SELECT sys_userid FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
- $record = $app->db->queryOneRecord($sql);
+ $sql = "SELECT sys_userid FROM ?? WHERE ?? = ?";
+ $record = $app->db->queryOneRecord($sql, $this->formDef['db_table'], $this->formDef['db_table_idx'], $primary_id);
// return true if the readonly flag of the form is set and the current loggedin user is not the owner of the record.
if(isset($this->formDef['tabs'][$tab]['readonly']) && $this->formDef['tabs'][$tab]['readonly'] == true && $record['sys_userid'] != $_SESSION["s"]["user"]["userid"]) {
@@ -161,18 +161,17 @@ class tform extends tform_base {
global $app;
$check_passed = true;
- $limit_name = $app->db->quote($limit_name);
if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
// Get the limits of the client that is currently logged in
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT ?? as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $limit_name, $client_group_id);
// Check if the user may add another item
if($client["number"] >= 0) {
- $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE ".$this->getAuthSQL('u');
+ $sql = "SELECT count(??) as number FROM ?? WHERE ".$this->getAuthSQL('u');
if($sql_where != '') $sql .= ' and '.$sql_where;
- $tmp = $app->db->queryOneRecord($sql);
+ $tmp = $app->db->queryOneRecord($sql, $this->formDef['db_table_idx'], $this->formDef['db_table']);
if($tmp["number"] >= $client["number"]) $check_passed = false;
}
@@ -183,30 +182,29 @@ class tform extends tform_base {
global $app;
$check_passed = true;
- $limit_name = $app->db->quote($limit_name);
if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
// Get the limits of the client that is currently logged in
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
//* If the client belongs to a reseller, we will check against the reseller Limit too
if($client['parent_client_id'] != 0) {
//* first we need to know the groups of this reseller
- $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ?", $client['parent_client_id']);
$reseller_groups = $tmp["groups"];
$reseller_userid = $tmp["userid"];
// Get the limits of the reseller of the logged in client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
- $reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ".$client['parent_client_id']);
+ $reseller = $app->db->queryOneRecord("SELECT $limit_name as number FROM client WHERE client_id = ?", $client['parent_client_id']);
// Check if the user may add another item
if($reseller["number"] >= 0) {
- $sql = "SELECT count(".$this->formDef['db_table_idx'].") as number FROM ".$this->formDef['db_table']." WHERE (sys_groupid IN (".$reseller_groups.") or sys_userid = ".$reseller_userid.")";
+ $sql = "SELECT count(??) as number FROM ?? WHERE (sys_groupid IN ? or sys_userid = ?)";
if($sql_where != '') $sql .= ' and '.$sql_where;
- $tmp = $app->db->queryOneRecord($sql);
+ $tmp = $app->db->queryOneRecord($sql, $this->formDef['db_table_idx'], $this->formDef['db_table'], explode(',', $reseller_groups), $reseller_userid);
if($tmp["number"] >= $reseller["number"]) $check_passed = false;
}
}
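Review bot: The reseller query `SELECT $limit_name as number FROM client WHERE client_id = ?` still interpolates `$limit_name`, while this hunk deletes the `$app->db->quote($limit_name)` line, so the column name now reaches the SQL string with no escaping at all. The sibling check in the previous hunk already uses the identifier placeholder, and this one should match: `"SELECT ?? as number FROM client WHERE client_id = ?", $limit_name, $client['parent_client_id']`. Separately, `sys_groupid IN ?` receives `explode(',', $reseller_groups)`, which yields `['']` when the groups column is empty, so it is worth confirming how the wrapper expands that array. The function begins outside the hunk.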
@@ -257,9 +255,13 @@ class tform extends tform_base {
if ($display_seconds === true) {
$dselect[] = 'second';
}
+
+ $tmp_dt = strtr($this->datetimeformat,array('d' => 'dd', 'm' => 'mm', 'Y' => 'yyyy', 'y' => 'yy', 'H' => 'hh', 'h' => 'HH', 'i' => 'ii')) . ($display_seconds ? ':ss' : '');
$out = '';
-
+
+ return '';
+/*
foreach ($dselect as $dt_element)
{
$dt_options = array();
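Review bot: The added `return '';` makes this function return an empty string unconditionally, so the `$tmp_dt` format string computed just above it is never used and the rest of the body survives only as a commented-out block. If the select-box rendering is intentionally disabled, delete the dead body and the unused `$tmp_dt` instead of commenting them out, and say so above the return, for example `// NOTE: datetime select rendering is disabled; callers receive an empty string`. The function starts before this hunk and its closing comment marker is in the next one.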
@@ -320,7 +322,7 @@ class tform extends tform_base {
$selected_value = (int)floor(date('s', $_datetime));
break;
}
-
+
$out .= "' . str_repeat(' ', $dt_space);
}
- return $out;
+ return $out;*/
}
}
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index dfc943c8822a33039ea0cd82cf7e4a65a171fc2d..f172fea1f4c5fceb824281c8e1b54ee7cc6b3446 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -82,7 +82,7 @@ class tform_actions {
// check if the client is locked - he may not change anything, then.
if(!$app->auth->is_admin()) {
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT client.locked FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$app->functions->intval($client_group_id));
+ $client = $app->db->queryOneRecord("SELECT client.locked FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
if(is_array($client) && $client['locked'] == 'y') {
$app->tform->errorMessage .= $app->lng("client_you_are_locked")." ";
}
@@ -311,7 +311,6 @@ class tform_actions {
if($app->tform->checkPerm($this->id, 'd') == false) $app->error($app->lng('error_no_delete_permission'));
}
- //$this->dataRecord = $app->db->queryOneRecord("SELECT * FROM ".$liste["table"]." WHERE ".$liste["table_idx"]." = ".$this->id);
$this->dataRecord = $app->tform->getDataRecord($this->id);
$app->plugin->raiseEvent($_SESSION['s']['module']['name'].':'.$app->tform->formDef['name'].':'.'on_check_delete', $this);
@@ -324,7 +323,7 @@ class tform_actions {
$app->tform->datalogSave('DELETE', $this->id, $this->dataRecord, array());
}
- $app->db->query("DELETE FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." LIMIT 1");
+ $app->db->query("DELETE FROM ?? WHERE ?? = ? LIMIT 1", $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id);
// loading plugins
@@ -379,11 +378,11 @@ class tform_actions {
$app->tpl->setInclude("content_tpl", $app->tform->formDef['template_print']);
if($app->tform->formDef['auth'] == 'no') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
+ $sql = "SELECT * FROM ?? WHERE ?? = ?";
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
+ $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
}
- if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
+ if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
$record["datum"] = date("d.m.Y");
@@ -423,11 +422,11 @@ class tform_actions {
$app->tpl->setInclude("content_tpl", $app->tform->formDef['template_mailsend']);
$app->tpl->setVar('show_mail', 1);
if($app->tform->formDef['auth'] == 'no') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
+ $sql = "SELECT * FROM ?? WHERE ?? = ?";
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
+ $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
}
- if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
+ if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
$record["datum"] = date("d.m.Y");
$record["mailmessage"] = $_POST["message"];
@@ -459,11 +458,11 @@ class tform_actions {
if($app->tform->formDef['auth'] == 'no') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
+ $sql = "SELECT * FROM ?? WHERE ?? = ?";
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
+ $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
}
- if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
+ if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
$record["datum"] = date("d.m.Y");
@@ -560,11 +559,11 @@ class tform_actions {
// bestehenden Datensatz anzeigen
if($app->tform->errorMessage == '') {
if($app->tform->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id." AND ".$app->tform->getAuthSQL('r');
+ $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$app->tform->getAuthSQL('r');
} else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = ".$this->id;
+ $sql = "SELECT * FROM ?? WHERE ?? = ?";
}
- if(!$record = $app->db->queryOneRecord($sql)) $app->error($app->lng('error_no_view_permission'));
+ if(!$record = $app->db->queryOneRecord($sql, $app->tform->formDef['db_table'], $app->tform->formDef['db_table_idx'], $this->id)) $app->error($app->lng('error_no_view_permission'));
} else {
// $record = $app->tform->encode($_POST,$this->active_tab);
$record = $app->tform->encode($this->dataRecord, $this->active_tab, false);
diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php
index e27940d4f5c0270eaea15d4e5c02528cb9f1419a..749ea5c708abceb8f9e0a489b55730b8d7bdf022 100644
--- a/interface/lib/classes/tform_base.inc.php
+++ b/interface/lib/classes/tform_base.inc.php
@@ -98,6 +98,7 @@ class tform_base {
var $errorMessage = '';
var $dateformat = "d.m.Y";
+ var $datetimeformat = 'd.m.Y H:i';
var $formDef = array();
var $wordbook;
var $module;
@@ -153,6 +154,7 @@ class tform_base {
$this->wordbook = $wb;
$this->dateformat = $app->lng('conf_format_dateshort');
+ $this->datetimeformat = $app->lng('conf_format_datetime');
return true;
}
@@ -347,7 +349,7 @@ class tform_base {
return $values;
} else {
$client_group_id = $_SESSION["s"]["user"]["default_group"];
- $client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$allowed = explode(',', $client['lm']);
}
}
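Review bot: `$limit_parts[1]` is still concatenated into the SELECT list here, and again in the reseller query of the next hunk (`@@ -359,19 +361,19 @@`), although the rest of the commit moves identifiers to the `??` placeholder. The value presumably comes from the form definition rather than the request, but that is not visible in this hunk, so binding it is the safer form: `$app->db->queryOneRecord("SELECT ?? as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $limit_parts[1], $client_group_id);`. The enclosing function starts and ends outside the hunk.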
@@ -359,19 +361,19 @@ class tform_base {
} else {
//* Get the limits of the client that is currently logged in
$client_group_id = $_SESSION["s"]["user"]["default_group"];
- $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
//echo "SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
//* If the client belongs to a reseller, we will check against the reseller Limit too
if($client['parent_client_id'] != 0) {
//* first we need to know the groups of this reseller
- $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ".$client['parent_client_id']);
+ $tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ?", $client['parent_client_id']);
$reseller_groups = $tmp["groups"];
$reseller_userid = $tmp["userid"];
// Get the limits of the reseller of the logged in client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
- $reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ".$client['parent_client_id']);
+ $reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ?", $client['parent_client_id']);
$allowed = explode(',', $reseller['lm']);
} else {
return $values;
@@ -708,13 +710,8 @@ class tform_base {
if($record[$key] != '' && $record[$key] != '0000-00-00') {
if(function_exists('date_parse_from_format')) {
$date_parts = date_parse_from_format($this->dateformat, $record[$key]);
- //list($tag,$monat,$jahr) = explode('.',$record[$key]);
- $new_record[$key] = $date_parts['year'].'-'.$date_parts['month'].'-'.$date_parts['day'];
- //$tmp = strptime($record[$key],$this->dateformat);
- //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
+ $new_record[$key] = $date_parts['year'].'-'.str_pad($date_parts['month'], 2, "0", STR_PAD_LEFT).'-'.str_pad($date_parts['day'], 2, "0", STR_PAD_LEFT);
} else {
- //$tmp = strptime($record[$key],$this->dateformat);
- //$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
$tmp = strtotime($record[$key]);
$new_record[$key] = date('Y-m-d', $tmp);
}
@@ -724,8 +721,6 @@ class tform_base {
break;
case 'INTEGER':
$new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0;
- //if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default'];
- //if($key == 'refresh') die($record[$key]);
break;
case 'DOUBLE':
$new_record[$key] = $record[$key];
@@ -735,7 +730,7 @@ class tform_base {
break;
case 'DATETIME':
- if (is_array($record[$key]))
+ /*if (is_array($record[$key]))
{
$filtered_values = array_map(create_function('$item', 'return (int)$item;'), $record[$key]);
extract($filtered_values, EXTR_PREFIX_ALL, '_dt');
@@ -743,7 +738,14 @@ class tform_base {
if ($_dt_day != 0 && $_dt_month != 0 && $_dt_year != 0) {
$new_record[$key] = date( 'Y-m-d H:i:s', mktime($_dt_hour, $_dt_minute, $_dt_second, $_dt_month, $_dt_day, $_dt_year) );
}
- }
+ } else {*/
+ if($record[$key] != '' && $record[$key] != '0000-00-00 00:00:00') {
+ $tmp = strtotime($record[$key]);
+ $new_record[$key] = date($this->datetimeformat, $tmp);
+ } else {
+ $new_record[$key] = '0000-00-00 00:00:00';
+ }
+ /*}*/
break;
}
@@ -810,6 +812,9 @@ class tform_base {
case 'IDNTOUTF8':
$returnval = $app->functions->idn_decode($returnval);
break;
+ case 'TRIM':
+ $returnval = trim($returnval);
+ break;
default:
$this->errorMessage .= "Unknown Filter: ".$filter['type'];
break;
@@ -853,7 +858,7 @@ class tform_base {
if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
if($validator['allowempty'] == 'n' || ($validator['allowempty'] == 'y' && $field_value != '')){
if($this->action == 'NEW') {
- $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
+ $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ?? WHERE ?? = ?", $this->formDef['db_table'], $field_name, $field_value);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -863,7 +868,7 @@ class tform_base {
}
}
} else {
- $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id);
+ $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ?? WHERE ?? = ? AND ?? != ?", $this->formDef['db_table'], $field_name, $field_value, $this->formDef['db_table_idx'], $this->primary_id);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
if(isset($this->wordbook[$errmsg])) {
@@ -1108,6 +1113,7 @@ class tform_base {
* @param primary_id
* @return record
*/
+ /* TODO: check for double quoting */
protected function _getSQL($record, $tab, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '', $api = false) {
global $app;
@@ -1139,7 +1145,7 @@ class tform_base {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
- $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
+ $tmp = $app->db->queryOneRecord("SELECT PASSWORD(?) as `crypted`", stripslashes($record[$key]));
$record[$key] = $tmp['crypted'];
$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
} else {
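Review bot: The result of `SELECT PASSWORD(?)` is used unchecked, so if the query fails `$tmp['crypted']` is null and the next line puts an empty value into the INSERT as the stored password. That failure is realistic because PASSWORD() was removed in MySQL 8.0. A guard after the query, such as `if(!is_array($tmp) || $tmp['crypted'] == '') $app->error('Password hashing failed.');` (or appending to `$this->errorMessage`), would stop the save. The same applies to the UPDATE branch in the next hunk (`@@ -1167,7 +1173,7 @@`). _getSQL starts and ends outside this hunk.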
@@ -1167,7 +1173,7 @@ class tform_base {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
- $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
+ $tmp = $app->db->queryOneRecord("SELECT PASSWORD(?) as `crypted`", stripslashes($record[$key]));
$record[$key] = $tmp['crypted'];
$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} else {
@@ -1359,8 +1365,8 @@ class tform_base {
function getDataRecord($primary_id) {
global $app;
$escape = '`';
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id." AND ".$this->getAuthSQL('r', $this->formDef['db_table']);
- return $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM ?? WHERE ?? = ? AND ".$this->getAuthSQL('r', $this->formDef['db_table']);
+ return $app->db->queryOneRecord($sql, $this->formDef['db_table'], $this->formDef['db_table_idx'], $primary_id);
}
diff --git a/interface/lib/classes/tform_tpl_generator.inc.php b/interface/lib/classes/tform_tpl_generator.inc.php
index 49fd274a898e67ff6d955b052ce0d679a89e0ad8..b759e5128f9fea3cff775c9ff55db204438a23ef 100644
--- a/interface/lib/classes/tform_tpl_generator.inc.php
+++ b/interface/lib/classes/tform_tpl_generator.inc.php
@@ -136,8 +136,8 @@ class tform_tpl_generator {
-
-
+
+
diff --git a/interface/lib/classes/tools_monitor.inc.php b/interface/lib/classes/tools_monitor.inc.php
index db8c91ec2a83eb4ee2e8dc2a6128fef8fcddf565..bd1a969d57457fee98709adf390ea4ab12b0e00f 100644
--- a/interface/lib/classes/tools_monitor.inc.php
+++ b/interface/lib/classes/tools_monitor.inc.php
@@ -33,7 +33,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'server_load' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'server_load' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -80,7 +80,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'disk_usage' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'disk_usage' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -91,16 +91,18 @@ class tools_monitor {
$html =
'
-
+
+
- '.$app->lng("monitor_diskusage_filesystem_txt").' |
- '.$app->lng("monitor_diskusage_type_txt").' |
- '.$app->lng("monitor_diskusage_size_txt").' |
- '.$app->lng("monitor_diskusage_used_txt").' |
- '.$app->lng("monitor_diskusage_available_txt").' |
- '.$app->lng("monitor_diskusage_usage_txt").' |
- '.$app->lng("monitor_diskusage_mounted_txt").' |
- ';
+ '.$app->lng("monitor_diskusage_filesystem_txt").' |
+ '.$app->lng("monitor_diskusage_type_txt").' |
+ '.$app->lng("monitor_diskusage_size_txt").' |
+ '.$app->lng("monitor_diskusage_used_txt").' |
+ '.$app->lng("monitor_diskusage_available_txt").' |
+ '.$app->lng("monitor_diskusage_usage_txt").' |
+ '.$app->lng("monitor_diskusage_mounted_txt").' |
+
+ ';
foreach($data as $line) {
$html .= '';
foreach ($line as $item) {
@@ -108,7 +110,7 @@ class tools_monitor {
}
$html .= ' ';
}
- $html .= ' ';
+ $html .= ' ';
$html .= ' ';
} else {
$html = ''.$app->lng("no_data_diskusage_txt").' ';
@@ -121,28 +123,31 @@ class tools_monitor {
function showDatabaseSize () {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'database_size' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'database_size' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
//* format the data
$html =
'
-
- '.$app->lng("monitor_database_name_txt").' |
- '.$app->lng("monitor_database_size_txt").' |
- '.$app->lng("monitor_database_client_txt").' |
- '.$app->lng("monitor_database_domain_txt").' |
- ';
+
+ '.$app->lng("monitor_database_name_txt").' |
+ '.$app->lng("monitor_database_size_txt").' |
+ '.$app->lng("monitor_database_client_txt").' |
+ '.$app->lng("monitor_database_domain_txt").' |
+
+ ';
foreach($data as $line) {
$html .= '';
if ($line['size'] > 0) $line['size'] = $app->functions->formatBytes($line['size']);
//* get the client
- $line['client']=$app->db->queryOneRecord("SELECT client.username FROM web_database, sys_group, client WHERE web_database.sys_groupid = sys_group.groupid AND sys_group.client_id = client.client_id AND web_database.database_name='".$line['database_name']."'")['username'];
+ $tmp = $app->db->queryOneRecord("SELECT client.username FROM web_database, sys_group, client WHERE web_database.sys_groupid = sys_group.groupid AND sys_group.client_id = client.client_id AND web_database.database_name=?", $line['database_name']);
+ $line['client'] = $tmp['username'];
//* get the domain
- $line['domain']=$app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id=(SELECT parent_domain_id FROM web_database WHERE database_name='".$line['database_name']."')")['domain'];
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id=(SELECT parent_domain_id FROM web_database WHERE database_name=?", $line['database_name']);
+ $line['domain'] = $tmp['domain'];
//* remove the sys_groupid from output
unset($line['sys_groupid']);
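Review bot: The rewritten domain lookup lost the closing parenthesis of its subquery: the string now ends at `(SELECT parent_domain_id FROM web_database WHERE database_name=?` with no `)`, so the statement is not valid SQL and `$line['domain']` can never be filled. It should end `WHERE database_name=?)"`. Both lookups also index `$tmp` without checking that a row came back; `$line['client'] = is_array($tmp) ? $tmp['username'] : '';` and the same for `domain` avoid notices when a database has no matching client or domain. showDatabaseSize continues past this hunk.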
@@ -150,7 +155,7 @@ class tools_monitor {
foreach ($line as $item) {
$html .= '' . $item . ' | ';
}
- $html .= ' ';
+ $html .= '';
}
$html .= ' ';
} else {
@@ -163,7 +168,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mem_usage' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mem_usage' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -174,7 +179,8 @@ class tools_monitor {
$html =
'
- ';
+
+ ';
foreach($data as $key => $value) {
if ($key != '') {
@@ -184,7 +190,7 @@ class tools_monitor {
';
}
}
- $html .= ' ';
+ $html .= ' ';
$html .= ' ';
} else {
@@ -198,7 +204,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'cpu_info' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'cpu_info' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -209,7 +215,8 @@ class tools_monitor {
$html =
'
- ';
+
+ ';
foreach($data as $key => $value) {
if ($key != '') {
$html .= '
@@ -218,7 +225,7 @@ class tools_monitor {
';
}
}
- $html .= ' ';
+ $html .= ' ';
$html .= ' ';
} else {
$html = ''.$app->lng("no_data_cpuinfo_txt").' ';
@@ -231,7 +238,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'services' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'services' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -242,7 +249,8 @@ class tools_monitor {
$html =
'
- ';
+
+ ';
if($data['webserver'] != -1) {
if($data['webserver'] == 1) {
@@ -330,7 +338,7 @@ class tools_monitor {
}
- $html .= ' ';
+ $html .= ' ';
} else {
$html = ''.$app->lng("no_data_services_txt").' ';
}
@@ -343,7 +351,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'system_update' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'system_update' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -373,7 +381,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'openvz_beancounter' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'openvz_beancounter' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -402,7 +410,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'raid_state' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'raid_state' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -435,7 +443,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'rkhunter' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'rkhunter' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -466,7 +474,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_fail2ban' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_fail2ban' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -480,7 +488,7 @@ class tools_monitor {
$data = unserialize($record['data']);
if ($data == '') {
$html .= ''.
- 'fail2ban is not installed at this server. ' .
+ 'fail2ban is not installed on this server. ' .
'See more (for debian) here...'.
' ';
}
@@ -500,7 +508,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_mongodb' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_mongodb' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
@@ -514,8 +522,7 @@ class tools_monitor {
$data = unserialize($record['data']);
if ($data == '') {
$html .= ''.
- 'MongoDB is not installed at this server. ' .
- 'See more (for debian) here...'.
+ 'MongoDB is not installed on this server. ' .
' ';
}
else {
@@ -532,7 +539,7 @@ class tools_monitor {
function showIPTables() {
global $app;
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'iptables_rules' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'iptables_rules' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$html =
'
@@ -556,7 +563,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mailq' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mailq' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
if(isset($record['data'])) {
$data = unserialize($record['data']);
@@ -572,7 +579,7 @@ class tools_monitor {
global $app;
/* fetch the Data from the DB */
- $record = $app->db->queryOneRecord("SELECT created FROM monitor_data WHERE type = '" . $type . "' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ $record = $app->db->queryOneRecord("SELECT created FROM monitor_data WHERE type = ? and server_id = ? ORDER BY created DESC", $type, $_SESSION['monitor']['server_id']);
/* TODO: datetimeformat should be set somewhat other way */
$dateTimeFormat = $app->lng("monitor_settings_datetimeformat_txt");
diff --git a/interface/lib/classes/tools_sites.inc.php b/interface/lib/classes/tools_sites.inc.php
index 3400c5b708097d837a6880881b1e4a064d9fdd5d..b2881f57cc7e28a96554b8f585d17873100035fe 100644
--- a/interface/lib/classes/tools_sites.inc.php
+++ b/interface/lib/classes/tools_sites.inc.php
@@ -87,7 +87,7 @@ class tools_sites {
if(isset($dataRecord['client_group_id'])) {
$client_group_id = $dataRecord['client_group_id'];
} elseif (isset($dataRecord['parent_domain_id'])) {
- $tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = " . $dataRecord['parent_domain_id']);
+ $tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ?", $dataRecord['parent_domain_id']);
$client_group_id = $tmp['sys_groupid'];
} elseif(isset($dataRecord['sys_groupid'])) {
$client_group_id = $dataRecord['sys_groupid'];
@@ -96,7 +96,7 @@ class tools_sites {
}
}
- $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $app->functions->intval($client_group_id));
+ $tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = ?", $client_group_id);
$clientName = $tmp['name'];
if ($clientName == "") $clientName = 'default';
$clientName = $this->convertClientName($clientName);
@@ -114,7 +114,7 @@ class tools_sites {
if(isset($dataRecord['client_group_id'])) {
$client_group_id = $dataRecord['client_group_id'];
} elseif (isset($dataRecord['parent_domain_id']) && $dataRecord['parent_domain_id'] != 0) {
- $tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = " . $dataRecord['parent_domain_id']);
+ $tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ?", $dataRecord['parent_domain_id']);
$client_group_id = $tmp['sys_groupid'];
} elseif(isset($dataRecord['sys_groupid'])) {
$client_group_id = $dataRecord['sys_groupid'];
@@ -122,7 +122,7 @@ class tools_sites {
return '[CLIENTID]';
}
}
- $tmp = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = " . $app->functions->intval($client_group_id));
+ $tmp = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $client_group_id);
$clientID = $tmp['client_id'];
if ($clientID == '') $clientID = '0';
return $clientID;
@@ -144,6 +144,7 @@ class tools_sites {
return $res;
}
+ /* TODO: rewrite SQL */
function getDomainModuleDomains($not_used_in_table = null, $selected_domain = null) {
global $app;
@@ -168,6 +169,7 @@ class tools_sites {
return $app->db->queryAllRecords($sql, $not_used_in_table, $selected_domain);
}
+ /* TODO: rewrite SQL */
function checkDomainModuleDomain($domain_id) {
global $app;
@@ -180,7 +182,8 @@ class tools_sites {
if(!$domain || !$domain['domain_id']) return false;
return $domain['domain'];
}
-
+
+ /* TODO: rewrite SQL */
function getClientIdForDomain($domain_id) {
global $app;
diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php
index 0f90a5b3d1c5b706ffdc4f12ad35175df645b249..db55b04f187862eecd25593396597303f27c3aff 100644
--- a/interface/lib/classes/validate_client.inc.php
+++ b/interface/lib/classes/validate_client.inc.php
@@ -43,7 +43,7 @@ class validate_client {
}
if($client_id == 0) {
- $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = '".$app->db->quote($field_value)."'");
+ $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = ?", $field_value);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
@@ -53,7 +53,7 @@ class validate_client {
}
}
} else {
- $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = '".$app->db->quote($field_value)."' AND client_id != ".$app->functions->intval($client_id));
+ $num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = ? AND client_id != ?", $field_value, $client_id);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
@@ -108,20 +108,24 @@ class validate_client {
switch ($field_name)
{
case 'web_servers':
- $used_servers = $app->db->queryAllRecords('SELECT domain_id FROM web_domain INNER JOIN sys_user ON web_domain.sys_userid = sys_user.userid WHERE client_id = ' . $client_id . ' AND server_id NOT IN (' . implode(', ', $field_value) . ');');
+ $used_servers = $app->db->queryAllRecords('SELECT domain_id FROM web_domain INNER JOIN sys_user ON web_domain.sys_userid = sys_user.userid WHERE client_id = ? AND server_id NOT IN ?', $client_id, $field_value);
break;
case 'dns_servers':
- $used_servers = $app->db->queryAllRecords('SELECT id FROM dns_rr INNER JOIN sys_user ON dns_rr.sys_userid = sys_user.userid WHERE client_id = ' . $client_id . ' AND server_id NOT IN (' . implode(', ', $field_value) . ');');
+ $used_servers = $app->db->queryAllRecords('SELECT id FROM dns_rr INNER JOIN sys_user ON dns_rr.sys_userid = sys_user.userid WHERE client_id = ? AND server_id NOT IN ?', $client_id, $field_value);
break;
case 'db_servers':
- $used_servers = $app->db->queryAllRecords('SELECT database_id FROM web_database INNER JOIN sys_user ON web_database.sys_userid = sys_user.userid WHERE client_id = ' . $client_id . ' AND server_id NOT IN (' . implode(', ', $field_value) . ');');
+ $used_servers = $app->db->queryAllRecords('SELECT database_id FROM web_database INNER JOIN sys_user ON web_database.sys_userid = sys_user.userid WHERE client_id = ? AND server_id NOT IN ?', $client_id, $field_value);
break;
case 'mail_servers':
- $used_servers = $app->db->queryAllRecords('SELECT domain_id FROM mail_domain INNER JOIN sys_user ON mail_domain.sys_userid = sys_user.userid WHERE client_id = ' . $client_id . ' AND server_id NOT IN (' . implode(', ', $field_value) . ');');
+ $used_servers = $app->db->queryAllRecords('SELECT domain_id FROM mail_domain INNER JOIN sys_user ON mail_domain.sys_userid = sys_user.userid WHERE client_id = ? AND server_id NOT IN ?', $client_id, $field_value);
break;
+
+ case 'xmpp_servers':
+ $used_servers = $app->db->queryAllRecords('SELECT domain_id FROM xmpp_domain INNER JOIN sys_user ON xmpp_domain.sys_userid = sys_user.userid WHERE client_id = ? AND server_id NOT IN ?', $client_id, $field_value);
+ break;
}
if ($used_servers === null || count($used_servers))
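Review bot: `server_id NOT IN ?` in each `case` only works if the db wrapper expands an array bound to a single placeholder into a parenthesised list, which is not visible in this hunk. A one-line comment before the `switch` would record that dependency, for example `// $field_value is an array of server ids; the db layer expands it for NOT IN ?`. `$field_value` is also passed without a type or emptiness check, so what an empty or scalar selection does now depends on the wrapper rather than on `implode()`; it would be worth stating the intended result for that case. The enclosing function starts outside the hunk.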
@@ -136,7 +140,87 @@ class validate_client {
}
}
+ function check_vat_id ($field_name, $field_value, $validator){
+ global $app, $page;
+
+ $vatid = trim($field_value);
+ if(isset($app->remoting_lib->primary_id)) {
+ $country = $app->remoting_lib->dataRecord['country'];
+ } else {
+ $country = $page->dataRecord['country'];
+ }
+
+ // check if country is member of EU
+ $country_details = $app->db->queryOneRecord("SELECT * FROM country WHERE iso = ?", $country);
+ if($country_details['eu'] == 'y' && $vatid != ''){
+
+ $vatid = preg_replace('/\s+/', '', $vatid);
+ $vatid = str_replace(array('.', '-', ','), '', $vatid);
+ $cc = substr($vatid, 0, 2);
+ $vn = substr($vatid, 2);
+
+ // Test if the country of the VAT-ID matches the country of the customer
+ if($country != ''){
+ // Greece
+ if($country == 'GR') $country = 'EL';
+ if(strtoupper($cc) != $country){
+ $errmsg = $validator['errmsg'];
+ if(isset($app->tform->wordbook[$errmsg])) {
+ return $app->tform->wordbook[$errmsg]." \r\n";
+ } else {
+ return $errmsg." \r\n";
+ }
+ }
+ }
+ $client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl");
+
+ if($client){
+ $params = array('countryCode' => $cc, 'vatNumber' => $vn);
+ try{
+ $r = $client->checkVat($params);
+ if($r->valid == true){
+ } else {
+ $errmsg = $validator['errmsg'];
+ if(isset($app->tform->wordbook[$errmsg])) {
+ return $app->tform->wordbook[$errmsg]." \r\n";
+ } else {
+ return $errmsg." \r\n";
+ }
+ }
+
+ // This foreach shows every single line of the returned information
+ /*
+ foreach($r as $k=>$prop){
+ echo $k . ': ' . $prop;
+ }
+ */
+
+ } catch(SoapFault $e) {
+ //echo 'Error, see message: '.$e->faultstring;
+ switch ($e->faultstring) {
+ case 'INVALID_INPUT':
+ $errmsg = $validator['errmsg'];
+ if(isset($app->tform->wordbook[$errmsg])) {
+ return $app->tform->wordbook[$errmsg]." \r\n";
+ } else {
+ return $errmsg." \r\n";
+ }
+ break;
+ // the following cases shouldn't be the user's fault, so we return no error
+ case 'SERVICE_UNAVAILABLE':
+ case 'MS_UNAVAILABLE':
+ case 'TIMEOUT':
+ case 'SERVER_BUSY':
+ break;
+ }
+ }
+ } else {
+ // Connection to host not possible, europe.eu down?
+ // this shouldn't be the user's fault, so we return no error
+ }
+ }
+ }
}
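Review bot: `new SoapClient(...)` in `check_vat_id` sits outside the `try`, and with default options the constructor throws a `SoapFault` when the WSDL cannot be loaded. The `else` branch commented "Connection to host not possible" is therefore never reached, and an outage of the VIES host becomes an uncaught exception instead of being ignored as the comments intend. The WSDL is also fetched over plain `http://`, so the service description the validation relies on is not integrity-protected in transit, and no connection timeout is set for a call made during form validation. Moving the constructor inside the `try` as `$client = new SoapClient("https://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl", array('connection_timeout' => 5));` would address all three, assuming the endpoint is served over TLS; the existing `catch` already returns no error for fault strings it does not list.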
diff --git a/interface/lib/classes/validate_dkim.inc.php b/interface/lib/classes/validate_dkim.inc.php
index 71fd8c5454a847b1877cd9d74e81502538803851..5d7fb8f1e369a88930ca90379ee90be5af2cb203 100644
--- a/interface/lib/classes/validate_dkim.inc.php
+++ b/interface/lib/classes/validate_dkim.inc.php
@@ -62,8 +62,10 @@ class validate_dkim {
*/
function check_template($field_name, $field_value, $validator) {
$dkim=false;
- foreach($field_value as $field ) { if($field == 'DKIM') $dkim=true; }
- if ($dkim && $field_value[0]!='DOMAIN') return $this->get_error($validator['errmsg']);
+ if(is_array($field_value) && !empty($field_value)){
+ foreach($field_value as $field ) { if($field == 'DKIM') $dkim=true; }
+ if ($dkim && $field_value[0]!='DOMAIN') return $this->get_error($validator['errmsg']);
+ }
}
diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php
index 212c4d75dccd8aaf7b537f342b9a7465be22cf10..a6920e0b01d4f033326b148f425d34631d2cb9bb 100644
--- a/interface/lib/classes/validate_dns.inc.php
+++ b/interface/lib/classes/validate_dns.inc.php
@@ -104,7 +104,7 @@ class validate_dns {
}
if(substr($field, -1) == '.' && $area == 'Name'){
- $soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ".intval($zoneid));
+ $soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ?", $zoneid);
if(substr($field, (strlen($field) - strlen($soa['origin']))) != $soa['origin']) $error .= $desc." ".$app->tform->wordbook['error_out_of_zone']." \r\n";
}
diff --git a/interface/lib/classes/validate_domain.inc.php b/interface/lib/classes/validate_domain.inc.php
index a072412584f51bb4a4d5b226c20009449df983c5..fde14b0010a2af2b825cc1fb2bb1fd3f66bd9e5d 100644
--- a/interface/lib/classes/validate_domain.inc.php
+++ b/interface/lib/classes/validate_domain.inc.php
@@ -88,8 +88,8 @@ class validate_domain {
$app->uses('ini_parser,getconf');
$settings = $app->getconf->get_global_config('domains');
if ($settings['use_domain_module'] == 'y') {
- $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = " . $app->functions->intval($check_domain);
- $domain_check = $app->db->queryOneRecord($sql);
+ $sql = "SELECT domain_id, domain FROM domain WHERE domain_id = ?";
+ $domain_check = $app->db->queryOneRecord($sql, $check_domain);
if(!$domain_check) return;
$check_domain = $domain_check['domain'];
}
@@ -157,24 +157,31 @@ class validate_domain {
if($domain['ip_address'] == '' || $domain['ipv6_address'] == ''){
if($domain['parent_domain_id'] > 0){
- $parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($domain['parent_domain_id']));
+ $parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $domain['parent_domain_id']);
+ if(is_array($parent_domain) && !empty($parent_domain)){
+ $domain['ip_address'] = $parent_domain['ip_address'];
+ $domain['ipv6_address'] = $parent_domain['ipv6_address'];
+ }
}
}
// check if domain has alias/subdomains - if we move a web to another IP, make sure alias/subdomains are checked as well
- $aliassubdomains = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ".$app->functions->intval($primary_id)." AND (type = 'alias' OR type = 'subdomain' OR type = 'vhostsubdomain')");
+ $aliassubdomains = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND (type = 'alias' OR type = 'subdomain' OR type = 'vhostsubdomain')", $primary_id);
$additional_sql1 = '';
$additional_sql2 = '';
+ $domain_params = array();
if(is_array($aliassubdomains) && !empty($aliassubdomains)){
foreach($aliassubdomains as $aliassubdomain){
- $additional_sql1 .= " OR d.domain = '".$app->db->quote($aliassubdomain['domain'])."'";
- $additional_sql2 .= " OR CONCAT(d.subdomain, '.', d.domain) = '".$app->db->quote($aliassubdomain['domain'])."'";
+ $additional_sql1 .= " OR d.domain = ?";
+ $additional_sql2 .= " OR CONCAT(d.subdomain, '.', d.domain) = ?";
+ $domain_params[] = $aliassubdomain['domain'];
}
}
- $qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (d.domain = '" . $app->db->quote($domain_name) . "'" . $additional_sql1 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . ($primary_id ? " AND d.parent_domain_id != " . $app->functions->intval($primary_id) : "");
- $checks = $app->db->queryAllRecords($qrystr);
+ $qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (d.domain = ?" . $additional_sql1 . ") AND d.server_id = ? AND d.domain_id != ?" . ($primary_id ? " AND d.parent_domain_id != ?" : "");
+ $params = array($domain_name) + $domain_params + array($domain['server_id'], $primary_id, $primary_id);
+ $checks = $app->db->queryAllRecords($qrystr, true, $params);
if(is_array($checks) && !empty($checks)){
foreach($checks as $check){
if($domain['ip_address'] == '*') return false;
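Review bot: `array($domain_name) + $domain_params + array(...)` uses the array union operator, which keeps the left-hand value for every integer key that already exists, so the three lists are not concatenated. With no alias domains the result is `$domain_name, $primary_id, $primary_id`, so `d.server_id = ?` is bound to `$primary_id`; with aliases the first alias domain is dropped as well. The duplicate-domain check then runs against the wrong values and can miss a real collision. `$params = array_merge(array($domain_name), $domain_params, array($domain['server_id'], $primary_id));` followed by `if($primary_id) $params[] = $primary_id;` keeps the order and matches the conditional last placeholder. The same line is repeated in the next hunk for the `CONCAT(d.subdomain, '.', d.domain)` query, and the enclosing function starts and ends outside this hunk.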
@@ -185,8 +192,9 @@ class validate_domain {
}
if($only_domain == false) {
- $qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (CONCAT(d.subdomain, '.', d.domain)= '" . $app->db->quote($domain_name) . "'" . $additional_sql2 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . ($primary_id ? " AND d.parent_domain_id != " . $app->functions->intval($primary_id) : "");
- $checks = $app->db->queryAllRecords($qrystr);
+ $qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (CONCAT(d.subdomain, '.', d.domain)= ?" . $additional_sql2 . ") AND d.server_id = ? AND d.domain_id != ?" . ($primary_id ? " AND d.parent_domain_id != ?" : "");
+ $params = array($domain_name) + $domain_params + array($domain['server_id'], $primary_id, $primary_id);
+ $checks = $app->db->queryAllRecords($qrystr, true, $params);
if(is_array($checks) && !empty($checks)){
foreach($checks as $check){
if($domain['ip_address'] == '*') return false;
@@ -207,7 +215,7 @@ class validate_domain {
if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT limit_wildcard FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT limit_wildcard FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
if($client["limit_wildcard"] == 'y') return true;
else return false;
diff --git a/interface/lib/classes/validate_ftpuser.inc.php b/interface/lib/classes/validate_ftpuser.inc.php
index 8e0663ecae9dc661df5051163a37a9b9d73a1bea..da8c100adcdb168287b97db8b81be580a36f6d13 100644
--- a/interface/lib/classes/validate_ftpuser.inc.php
+++ b/interface/lib/classes/validate_ftpuser.inc.php
@@ -50,7 +50,7 @@ class validate_ftpuser {
if($primary_id > 0) {
//* get parent_domain_id from website
- $ftp_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM ftp_user WHERE ftp_user_id = '".$app->db->quote($primary_id)."'");
+ $ftp_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM ftp_user WHERE ftp_user_id = ?", $primary_id);
if(!is_array($ftp_data) || $ftp_data["parent_domain_id"] < 1) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
@@ -66,7 +66,7 @@ class validate_ftpuser {
$parent_domain_id = $app->functions->intval($app->remoting_lib->dataRecord['parent_domain_id']);
}
- $domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = '".$app->db->quote($parent_domain_id)."'");
+ $domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = ?", $parent_domain_id);
if(!is_array($domain_data) || $domain_data["domain_id"] < 1) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
diff --git a/interface/lib/classes/validate_systemuser.inc.php b/interface/lib/classes/validate_systemuser.inc.php
index 2cab1cf44464c563b7296230cd3af6682d906aa3..74824b72ca592ad3b4506fee29f1f219e6d798fd 100644
--- a/interface/lib/classes/validate_systemuser.inc.php
+++ b/interface/lib/classes/validate_systemuser.inc.php
@@ -95,7 +95,7 @@ class validate_systemuser {
if($primary_id > 0) {
//* get parent_domain_id from website
- $shell_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM shell_user WHERE shell_user_id = '".$app->db->quote($primary_id)."'");
+ $shell_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM shell_user WHERE shell_user_id = ?", $primary_id);
if(!is_array($shell_data) || $shell_data["parent_domain_id"] < 1) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
@@ -111,7 +111,7 @@ class validate_systemuser {
$parent_domain_id = $app->functions->intval($app->remoting_lib->dataRecord['parent_domain_id']);
}
- $domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = '".$app->db->quote($parent_domain_id)."'");
+ $domain_data = $app->db->queryOneRecord("SELECT domain_id, document_root FROM web_domain WHERE domain_id = ?", $parent_domain_id);
if(!is_array($domain_data) || $domain_data["domain_id"] < 1) {
$errmsg = $validator['errmsg'];
if(isset($app->tform->wordbook[$errmsg])) {
diff --git a/interface/lib/config.inc.php b/interface/lib/config.inc.php
index 7b5dacec2a1fcff5cabcb6bea1c5b48a7ccc6271..907f372871ec71a8c1ad34716a5de8f5b28ac14e 100644
--- a/interface/lib/config.inc.php
+++ b/interface/lib/config.inc.php
@@ -51,6 +51,7 @@ define('DEVSYSTEM', 0);
//** Database
$conf['db_type'] = 'mysql';
$conf['db_host'] = 'localhost';
+$conf['db_port'] = 3306;
$conf['db_database'] = 'ispconfig3_305';
$conf['db_user'] = 'root';
$conf['db_password'] = '';
@@ -60,6 +61,7 @@ $conf['db_client_flags'] = 0;
define('DB_TYPE', $conf['db_type']);
define('DB_HOST', $conf['db_host']);
+define('DB_PORT', $conf['db_port']);
define('DB_DATABASE', $conf['db_database']);
define('DB_USER', $conf['db_user']);
define('DB_PASSWORD', $conf['db_password']);
@@ -69,6 +71,7 @@ define('DB_CHARSET', $conf['db_charset']);
//** Database settings for the master DB. This setting is only used in multiserver setups
$conf['dbmaster_type'] = 'mysql';
$conf['dbmaster_host'] = '{mysql_master_server_host}';
+$conf['dbmaster_port'] = '{mysql_master_server_port}';
$conf['dbmaster_database'] = '{mysql_master_server_database}';
$conf['dbmaster_user'] = '{mysql_master_server_ispconfig_user}';
$conf['dbmaster_password'] = '{mysql_master_server_ispconfig_password}';
diff --git a/interface/lib/lang/en.lng b/interface/lib/lang/en.lng
index c89c97a7ccaed04036a54541fcb431b2ef608ce2..3c2bfafe2085347ca5236e38283981645a652c01 100644
--- a/interface/lib/lang/en.lng
+++ b/interface/lib/lang/en.lng
@@ -26,7 +26,7 @@ $wb['delete_txt'] = "Delete";
$wb['filter_txt'] = "Filter";
$wb['add_new_record_txt'] = "Add new record";
$wb['btn_save_txt'] = "Save";
-$wb['btn_cancel_txt'] = "Back";
+$wb['btn_cancel_txt'] = "Cancel";
$wb['top_menu_system'] = 'System';
$wb['top_menu_client'] = 'Client';
$wb['top_menu_email'] = 'Email';
diff --git a/interface/lib/plugins/dns_dns_slave_plugin.inc.php b/interface/lib/plugins/dns_dns_slave_plugin.inc.php
index aa2e20f9ab4089e5833de379049ee22f416f24a3..8f49ce69d0bc4c855f60a927cc120a38dee8f7ac 100644
--- a/interface/lib/plugins/dns_dns_slave_plugin.inc.php
+++ b/interface/lib/plugins/dns_dns_slave_plugin.inc.php
@@ -30,19 +30,19 @@ class dns_dns_slave_plugin {
// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_slave SET sys_groupid = $client_group_id WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_slave SET sys_groupid = ? WHERE id = ?", $client_group_id, $page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_slave SET sys_groupid = $client_group_id WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_slave SET sys_groupid = ? WHERE id = ?", $client_group_id, $page_form->id);
}
//** When the client group has changed, change also the owner of the record if the owner is not the admin user
if($page_form->oldDataRecord && $page_form->oldDataRecord["client_group_id"] != $page_form->dataRecord["client_group_id"] && $page_form->dataRecord["sys_userid"] != 1) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ".$client_group_id);
+ $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
if($tmp["userid"] > 0) {
- $app->db->query("UPDATE dns_slave SET sys_userid = ".$tmp["userid"]." WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_slave SET sys_userid = ? WHERE id = ?", $tmp["userid"], $page_form->id);
}
}
}
diff --git a/interface/lib/plugins/dns_dns_soa_plugin.inc.php b/interface/lib/plugins/dns_dns_soa_plugin.inc.php
index 1cada0e932d59510d136542b8a3295933a434e37..8f047bef8b147c354cc400a082b4050a7b4befec 100644
--- a/interface/lib/plugins/dns_dns_soa_plugin.inc.php
+++ b/interface/lib/plugins/dns_dns_soa_plugin.inc.php
@@ -31,17 +31,17 @@ class dns_dns_soa_plugin {
$tmp = $app->db->diffrec($page_form->oldDataRecord, $app->tform->getDataRecord($page_form->id));
if($tmp['diff_num'] > 0) {
// Update the serial number of the SOA record
- $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ".$page_form->id);
- $app->db->query("UPDATE dns_soa SET serial = '".$app->validate_dns->increase_serial($soa["serial"])."' WHERE id = ".$page_form->id);
+ $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ?", $page_form->id);
+ $app->db->query("UPDATE dns_soa SET serial = ? WHERE id = ?", $app->validate_dns->increase_serial($soa["serial"]), $page_form->id);
}
//** When the client group has changed, change also the owner of the record if the owner is not the admin user
if($page_form->oldDataRecord["client_group_id"] != $page_form->dataRecord["client_group_id"] && $page_form->dataRecord["sys_userid"] != 1) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ".$client_group_id);
+ $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
if($tmp["userid"] > 0) {
- $app->db->query("UPDATE dns_soa SET sys_userid = ".$tmp["userid"]." WHERE id = ".$page_form->id);
- $app->db->query("UPDATE dns_rr SET sys_userid = ".$tmp["userid"]." WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_userid = ? WHERE id = ?", $tmp["userid"], $page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_userid = ? WHERE zone = ?", $tmp["userid"], $page_form->id);
}
}
}
@@ -49,15 +49,15 @@ class dns_dns_soa_plugin {
// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_groupid = ?, sys_perm_group = 'ru' WHERE id = ?", $client_group_id, $page_form->id);
// And we want to update all rr records too, that belong to this record
- $app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_groupid = ? WHERE zone = ?", $client_group_id, $page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_groupid = ?, sys_perm_group = 'riud' WHERE id = ?", $client_group_id, $page_form->id);
// And we want to update all rr records too, that belong to this record
- $app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_groupid = ? WHERE zone = ?", $client_group_id, $page_form->id);
}
}
diff --git a/interface/lib/plugins/mail_mail_domain_plugin.inc.php b/interface/lib/plugins/mail_mail_domain_plugin.inc.php
index 13f6009ee58d62a84aaf6cc4de54b9c48a5ca4e3..90b1ac15b95033a431d6c75932392eaec0f8652a 100644
--- a/interface/lib/plugins/mail_mail_domain_plugin.inc.php
+++ b/interface/lib/plugins/mail_mail_domain_plugin.inc.php
@@ -31,23 +31,29 @@ class mail_mail_domain_plugin {
// also make sure that the user can not delete entry created by an admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $updates = "sys_groupid = $client_group_id, sys_perm_group = 'ru'";
+ $updates = "sys_groupid = ?, sys_perm_group = 'ru'";
+ $update_params = array($client_group_id);
if ($event_name == 'mail:mail_domain:on_after_update') {
- $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $client_group_id");
+ $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
$client_user_id = ($tmp['userid'] > 0)?$tmp['userid']:1;
- $updates = "sys_userid = $client_user_id, $updates";
+ $updates .= ", sys_userid = ?";
+ $update_params[] = $client_user_id;
}
- $app->db->query("UPDATE mail_domain SET $updates WHERE domain_id = ".$page_form->id);
+ $update_params[] = $page_form->id;
+ $app->db->query("UPDATE mail_domain SET " . $updates . " WHERE domain_id = ?", true, $update_params);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
$updates = "sys_groupid = $client_group_id, sys_perm_group = 'riud'";
+ $update_params = array($client_group_id);
if ($event_name == 'mail:mail_domain:on_after_update') {
- $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $client_group_id");
+ $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
$client_user_id = ($tmp['userid'] > 0)?$tmp['userid']:1;
- $updates = "sys_userid = $client_user_id, $updates";
+ $updates .= ", sys_userid = ?";
+ $update_params[] = $client_user_id;
}
- $app->db->query("UPDATE mail_domain SET $updates WHERE domain_id = ".$page_form->id);
+ $update_params[] = $page_form->id;
+ $app->db->query("UPDATE mail_domain SET " . $updates . " WHERE domain_id = ?", true, $update_params);
}
//** If the domain name or owner has been changed, change the domain and owner in all mailbox records
@@ -57,9 +63,9 @@ class mail_mail_domain_plugin {
$mail_config = $app->getconf->get_server_config($page_form->dataRecord["server_id"], 'mail');
//* Update the mailboxes
- $mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".$app->db->quote($page_form->oldDataRecord['domain'])."'");
+ $mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like ?", "%@" . $page_form->oldDataRecord['domain']);
$sys_groupid = $app->functions->intval((isset($page_form->dataRecord['client_group_id']))?$page_form->dataRecord['client_group_id']:$page_form->oldDataRecord['sys_groupid']);
- $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $sys_groupid");
+ $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = ?", $sys_groupid);
$client_user_id = $app->functions->intval(($tmp['userid'] > 0)?$tmp['userid']:1);
if(is_array($mailusers)) {
foreach($mailusers as $rec) {
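Review bot: The bound LIKE value `"%@" . $page_form->oldDataRecord['domain']` still treats `_` and `%` inside the domain as wildcards, because binding protects the SQL syntax but not the LIKE pattern. If a stored domain can contain an underscore, the query also selects mailboxes of other domains that differ only in that character, and the loop then rewrites their address and owner. Escape the pattern part first, e.g. `"%@" . addcslashes($page_form->oldDataRecord['domain'], '\\%_')`. The same applies to the LIKE patterns in the following hunk of this file and to `domain LIKE ?` in sites_web_vhost_domain_plugin.inc.php. The loop body continues outside the hunk.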
@@ -67,46 +73,45 @@ class mail_mail_domain_plugin {
$mail_parts = explode("@", $rec['email']);
$maildir = str_replace("[domain]", $page_form->dataRecord['domain'], $mail_config["maildir_path"]);
$maildir = str_replace("[localpart]", $mail_parts[0], $maildir);
- $maildir = $app->db->quote($maildir);
- $email = $app->db->quote($mail_parts[0].'@'.$page_form->dataRecord['domain']);
- $app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailuser_id', $rec['mailuser_id']);
+ $email = $mail_parts[0].'@'.$page_form->dataRecord['domain'];
+ $app->db->datalogUpdate('mail_user', array("maildir" => $maildir, "email" => $email, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailuser_id', $rec['mailuser_id']);
}
}
//* Update the aliases
- $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".$app->db->quote($page_form->oldDataRecord['domain'])."' OR destination like '%@".$app->db->quote($page_form->oldDataRecord['domain'])."'");
+ $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source LIKE ? OR destination LIKE ?", "%@" . $page_form->oldDataRecord['domain'], "%@" . $page_form->oldDataRecord['domain']);
if(is_array($forwardings)) {
foreach($forwardings as $rec) {
- $destination = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']));
- $source = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['source']));
- $app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'forwarding_id', $rec['forwarding_id']);
+ $destination = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']);
+ $source = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['source']);
+ $app->db->datalogUpdate('mail_forwarding', array("source" => $source, "destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'forwarding_id', $rec['forwarding_id']);
}
}
//* Update the mailinglist
- $mailing_lists = $app->db->queryAllRecords("SELECT mailinglist_id FROM mail_mailinglist WHERE domain = '".$app->db->quote($page_form->oldDataRecord['domain'])."'");
+ $mailing_lists = $app->db->queryAllRecords("SELECT mailinglist_id FROM mail_mailinglist WHERE domain = ?", $page_form->oldDataRecord['domain']);
if(is_array($mailing_lists)) {
foreach($mailing_lists as $rec) {
- $app->db->datalogUpdate('mail_mailinglist', "sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailinglist_id', $rec['mailinglist_id']);
+ $app->db->datalogUpdate('mail_mailinglist', array("sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailinglist_id', $rec['mailinglist_id']);
}
}
//* Update the mailget records
- $mail_gets = $app->db->queryAllRecords("SELECT mailget_id, destination FROM mail_get WHERE destination LIKE '%@".$app->db->quote($page_form->oldDataRecord['domain'])."'");
+ $mail_gets = $app->db->queryAllRecords("SELECT mailget_id, destination FROM mail_get WHERE destination LIKE ?", "%@" . $page_form->oldDataRecord['domain']);
if(is_array($mail_gets)) {
foreach($mail_gets as $rec) {
- $destination = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']));
- $app->db->datalogUpdate('mail_get', "destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailget_id', $rec['mailget_id']);
+ $destination = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']);
+ $app->db->datalogUpdate('mail_get', array("destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailget_id', $rec['mailget_id']);
}
}
if ($page_form->oldDataRecord["domain"] != $page_form->dataRecord['domain']) {
//* Delete the old spamfilter record
- $tmp = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".$app->db->quote($page_form->oldDataRecord["domain"])."'");
+ $tmp = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = ?", "@" . $page_form->oldDataRecord["domain"]);
$app->db->datalogDelete('spamfilter_users', 'id', $tmp["id"]);
unset($tmp);
}
- $app->db->query("UPDATE spamfilter_users SET email=REPLACE(email, '".$app->db->quote($page_form->oldDataRecord['domain'])."', '".$app->db->quote($page_form->dataRecord['domain'])."'), sys_userid = $client_user_id, sys_groupid = $sys_groupid WHERE email LIKE '%@".$app->db->quote($page_form->oldDataRecord['domain'])."'");
+ $app->db->query("UPDATE spamfilter_users SET email=REPLACE(email, ?, ?), sys_userid = ?, sys_groupid = ? WHERE email LIKE ?", $page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $client_user_id, $sys_groupid, "%@" . $page_form->oldDataRecord['domain']);
} // end if domain name changed
}
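Review bot: `str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], …)` on the forwarding `source` and `destination` and on the mail_get `destination` replaces the old domain wherever it occurs in the string, not only after the `@`. A forwarding row is selected when either column ends in the old domain, so the other column can hold an address on an unrelated domain that merely contains the old name (old `a.com`, destination `x@data.com`), and that address would be rewritten and mail redirected. Anchor the replacement to the `@` and the end of the address, for example `preg_replace('/@'.preg_quote($old, '/').'$/m', '@'.$new, $value)`, with `$old`, `$new` and `$value` standing for the two domain values and the column. The `REPLACE(email, ?, ?)` in the spamfilter_users UPDATE has the same property. The function starts outside the hunk.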
diff --git a/interface/lib/plugins/mail_user_filter_plugin.inc.php b/interface/lib/plugins/mail_user_filter_plugin.inc.php
index 8faeab5e83aad6c63b01df88cc35689d36583099..e831789a6bd980b27123fbca2c74fe6962d13add 100644
--- a/interface/lib/plugins/mail_user_filter_plugin.inc.php
+++ b/interface/lib/plugins/mail_user_filter_plugin.inc.php
@@ -61,7 +61,7 @@ class mail_user_filter_plugin {
function mail_user_filter_edit($event_name, $page_form) {
global $app, $conf;
- $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ".$page_form->dataRecord["mailuser_id"]);
+ $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$skip = false;
$lines = explode("\n", $mailuser['custom_mailfilter']);
$out = '';
@@ -86,8 +86,7 @@ class mail_user_filter_plugin {
$out = $new_rule . $out;
}
- $out = $app->db->quote($out);
- $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
+ $app->db->datalogUpdate('mail_user', array("custom_mailfilter" => $out), 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
}
@@ -95,7 +94,7 @@ class mail_user_filter_plugin {
function mail_user_filter_del($event_name, $page_form) {
global $app, $conf;
- $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ".$page_form->dataRecord["mailuser_id"]);
+ $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$skip = false;
$lines = explode("\n", $mailuser['custom_mailfilter']);
$out = '';
@@ -111,8 +110,7 @@ class mail_user_filter_plugin {
}
}
- $out = $app->db->quote($out);
- $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
+ $app->db->datalogUpdate('mail_user', array("custom_mailfilter" => $out), 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
}
@@ -124,7 +122,7 @@ class mail_user_filter_plugin {
global $app, $conf;
$app->uses("getconf");
- $mailuser_rec = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE mailuser_id = ".$app->functions->intval($page_form->dataRecord["mailuser_id"]));
+ $mailuser_rec = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$mail_config = $app->getconf->get_server_config($app->functions->intval($mailuser_rec["server_id"]), 'mail');
if($mail_config['mail_filter_syntax'] == 'sieve') {
@@ -137,41 +135,69 @@ class mail_user_filter_plugin {
$content .= '### BEGIN FILTER_ID:'.$page_form->id."\n";
//$content .= 'require ["fileinto", "regex", "vacation"];'."\n";
-
- $content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
-
- $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
- $searchterm = str_replace(
- array(
- '"',
- '\\[',
- '\\]'
- ),
- array(
- '\\"',
- '\\\\[',
- '\\\\]'
- ), $searchterm);
-
- if($page_form->dataRecord["op"] == 'contains') {
- $content .= ".*".$searchterm;
- } elseif ($page_form->dataRecord["op"] == 'is') {
- $content .= "^".$searchterm."$";
- } elseif ($page_form->dataRecord["op"] == 'begins') {
- $content .= "^".$searchterm.".*";
- } elseif ($page_form->dataRecord["op"] == 'ends') {
- $content .= ".*".$searchterm."$";
+
+ if($page_form->dataRecord["op"] == 'domain') {
+ $content .= 'if address :domain :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
+ } elseif ($page_form->dataRecord["op"] == 'localpart') {
+ $content .= 'if address :localpart :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
+ } elseif ($page_form->dataRecord["source"] == 'Size') {
+ if(substr(trim($page_form->dataRecord["searchterm"]),-1) == 'k' || substr(trim($page_form->dataRecord["searchterm"]),-1) == 'K') {
+ $unit = 'k';
+ } else {
+ $unit = 'm';
+ }
+ $content .= 'if size :over '.intval($page_form->dataRecord["searchterm"]).$unit.' {'."\n";
+ } else {
+
+ if($page_form->dataRecord["source"] == 'Header') {
+ $parts = explode(':',trim($page_form->dataRecord["searchterm"]));
+ $page_form->dataRecord["source"] = trim($parts[0]);
+ unset($parts[0]);
+ $page_form->dataRecord["searchterm"] = trim(implode(':',$parts));
+ unset($parts);
+ }
+
+ $content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
+
+ $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
+ $searchterm = str_replace(
+ array(
+ '"',
+ '\\[',
+ '\\]'
+ ),
+ array(
+ '\\"',
+ '\\\\[',
+ '\\\\]'
+ ), $searchterm);
+
+ if($page_form->dataRecord["op"] == 'contains') {
+ $content .= ".*".$searchterm;
+ } elseif ($page_form->dataRecord["op"] == 'is') {
+ $content .= "^".$searchterm."$";
+ } elseif ($page_form->dataRecord["op"] == 'begins') {
+ $content .= " ".$searchterm."";
+ } elseif ($page_form->dataRecord["op"] == 'ends') {
+ $content .= ".*".$searchterm."$";
+ }
+
+ $content .= '"] {'."\n";
}
- $content .= '"] {'."\n";
-
if($page_form->dataRecord["action"] == 'move') {
- $content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n";
+ $content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n stop;\n";
+ } elseif ($page_form->dataRecord["action"] == 'keep') {
+ $content .= " keep;\n";
+ } elseif ($page_form->dataRecord["action"] == 'stop') {
+ $content .= " stop;\n";
+ } elseif ($page_form->dataRecord["action"] == 'reject') {
+ $content .= ' reject "'.$page_form->dataRecord["target"].'"; stop;\n\n';
} else {
- $content .= " discard;\n";
+ $content .= " discard;\n stop;\n";
}
- $content .= " stop;\n}\n";
+ $content .= "}\n";
$content .= '### END FILTER_ID:'.$page_form->id."\n";
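Review bot: `searchterm`, `source` and `target` are concatenated into Sieve quoted strings without escaping in the new `address :domain`, `address :localpart`, `fileinto` and `reject` lines, so a value containing `"` ends the string early and the remainder is parsed as script; whether the form validators already forbid that is not visible here. Escape `\` and `"` before embedding, e.g. `addcslashes($page_form->dataRecord["target"], '"\\')`, and strip CR/LF. Separately, the reject line ends in the single-quoted `'"; stop;\n\n'`, which writes a literal backslash-n into the script instead of newlines; use a double-quoted tail as the other branches do. The `begins` branch as shown emits `" ".$searchterm.""`, without the `^` anchor the removed line had, which looks unintended. The function starts and ends outside the hunk.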
diff --git a/interface/lib/plugins/sites_web_database_user_plugin.inc.php b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
index 1a880a1b10a0cd4d67cdc9861dbf917839b01c96..754c249ab9959208beba689b4b9a50971ae2b119 100644
--- a/interface/lib/plugins/sites_web_database_user_plugin.inc.php
+++ b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
@@ -31,13 +31,12 @@ class sites_web_database_user_plugin {
// also make sure that the user can not delete entry created by an admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE database_user_id = ".$page_form->id);
+ $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'ru' WHERE database_user_id = ?", $client_group_id, $page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$page_form->id);
+ $app->db->query("UPDATE web_database_user SET sys_groupid = ?, sys_perm_group = 'riud' WHERE database_user_id = ?", $client_group_id, $page_form->id);
}
- //$app->db->query("UPDATE web_database_user SET server_id = '" . $app->functions->intval($conf['server_id']) . "' WHERE database_user_id = ".$page_form->id);
}
}
diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
index d063fbbecfc5c4ed3dd41f8d311205a551a60c29..aeb5623996009f08e3650628c4e0c871b5b50007 100644
--- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
+++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php
@@ -51,11 +51,11 @@ class sites_web_vhost_domain_plugin {
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$page_form->id);
+ $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE web_domain SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$page_form->id);
+ $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $page_form->id);
}
// Get configuration for the web system
$app->uses("getconf");
@@ -73,15 +73,15 @@ class sites_web_vhost_domain_plugin {
// get the ID of the client
if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $client_group_id);
$client_id = $app->functions->intval($client["client_id"]);
} elseif (isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $page_form->dataRecord["client_group_id"];
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".$app->functions->intval(@$page_form->dataRecord["client_group_id"]));
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $app->functions->intval(@$page_form->dataRecord["client_group_id"]));
$client_id = $app->functions->intval($client["client_id"]);
} else {
$client_group_id = $page_form->dataRecord["client_group_id"];
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".$app->functions->intval($page_form->dataRecord["client_group_id"]));
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ?", $app->functions->intval($page_form->dataRecord["client_group_id"]));
$client_id = $app->functions->intval($client["client_id"]);
}
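Review bot: The final `else` is reached only when `client_group_id` is not set on the form record, because the `elseif` above already took the `isset` case, yet it reads `$page_form->dataRecord["client_group_id"]` for both `$client_group_id` and the lookup. The lookup then presumably runs with group id 0 and `$client_id` falls back to 0, which the code after this hunk appears to use when building the system group and document root. Consider taking the group from the existing record's `sys_groupid` on update, or stopping when no client can be determined. The `elseif` branch also leaves `$client_group_id` un-cast while passing an `intval()` copy to the query. The function starts outside the hunk.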
@@ -89,81 +89,81 @@ class sites_web_vhost_domain_plugin {
$client_user_id = $app->functions->intval(($tmp['userid'] > 0)?$tmp['userid']:1);
// Set the values for document_root, system_user and system_group
- $system_user = $app->db->quote('web'.$page_form->id);
- $system_group = $app->db->quote('client'.$client_id);
+ $system_user = 'web'.$page_form->id;
+ $system_group = 'client'.$client_id;
$document_root = str_replace("[client_id]", $client_id, $document_root);
$document_root = str_replace("[client_idhash_1]", $this->id_hash($client_id, 1), $document_root);
$document_root = str_replace("[client_idhash_2]", $this->id_hash($client_id, 2), $document_root);
$document_root = str_replace("[client_idhash_3]", $this->id_hash($client_id, 3), $document_root);
$document_root = str_replace("[client_idhash_4]", $this->id_hash($client_id, 4), $document_root);
- $document_root = $app->db->quote($document_root);
if($event_name == 'sites:web_vhost_domain:on_after_update') {
if(($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) && isset($page_form->dataRecord["client_group_id"]) && $page_form->dataRecord["client_group_id"] != $page_form->oldDataRecord["sys_groupid"]) {
- $sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ? WHERE domain_id = ?";
+ $app->db->query($sql, $system_user, $system_group, $document_root, $page_form->id);
// Update the FTP user(s) too
- $records = $app->db->queryAllRecords("SELECT ftp_user_id FROM ftp_user WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT ftp_user_id FROM ftp_user WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('ftp_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $app->functions->intval($rec['ftp_user_id']));
+ $app->db->datalogUpdate('ftp_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "uid" => $system_user, "gid" => $system_group, "dir" => $document_root), 'ftp_user_id', $app->functions->intval($rec['ftp_user_id']));
}
unset($records);
unset($rec);
// Update the webdav user(s) too
- $records = $app->db->queryAllRecords("SELECT webdav_user_id FROM webdav_user WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT webdav_user_id FROM webdav_user WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('webdav_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'webdav_user_id', $app->functions->intval($rec['webdav_user_id']));
+ $app->db->datalogUpdate('webdav_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'webdav_user_id', $app->functions->intval($rec['webdav_user_id']));
}
unset($records);
unset($rec);
// Update the web folder(s) too
- $records = $app->db->queryAllRecords("SELECT web_folder_id FROM web_folder WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT web_folder_id FROM web_folder WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_folder', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'web_folder_id', $app->functions->intval($rec['web_folder_id']));
+ $app->db->datalogUpdate('web_folder', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'web_folder_id', $app->functions->intval($rec['web_folder_id']));
}
unset($records);
unset($rec);
//* Update all web folder users
- $records = $app->db->queryAllRecords("SELECT web_folder_user.web_folder_user_id FROM web_folder_user, web_folder WHERE web_folder_user.web_folder_id = web_folder.web_folder_id AND web_folder.parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT web_folder_user.web_folder_user_id FROM web_folder_user, web_folder WHERE web_folder_user.web_folder_id = web_folder.web_folder_id AND web_folder.parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_folder_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'web_folder_user_id', $app->functions->intval($rec['web_folder_user_id']));
+ $app->db->datalogUpdate('web_folder_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'web_folder_user_id', $app->functions->intval($rec['web_folder_user_id']));
}
unset($records);
unset($rec);
// Update the Shell user(s) too
- $records = $app->db->queryAllRecords("SELECT shell_user_id FROM shell_user WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT shell_user_id FROM shell_user WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('shell_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $app->functions->intval($rec['shell_user_id']));
+ $app->db->datalogUpdate('shell_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "puser" => $system_user, "pgroup" => $system_group, "dir" => $document_root), 'shell_user_id', $app->functions->intval($rec['shell_user_id']));
}
unset($records);
unset($rec);
// Update the cron(s) too
- $records = $app->db->queryAllRecords("SELECT id FROM cron WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT id FROM cron WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('cron', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'id', $app->functions->intval($rec['id']));
+ $app->db->datalogUpdate('cron', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'id', $app->functions->intval($rec['id']));
}
unset($records);
unset($rec);
//* Update all subdomains and alias domains
- $records = $app->db->queryAllRecords("SELECT domain_id, `domain`, `type`, `web_folder` FROM web_domain WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT domain_id, `domain`, `type`, `web_folder` FROM web_domain WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $update_columns = "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."'";
+ $update_columns = array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']);
if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
$php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$rec['web_folder'], $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]/web", $rec['domain'].'/'.$rec['web_folder'], $php_open_basedir);
$php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir);
- $php_open_basedir = $app->db->quote(str_replace("[website_domain]", $rec['domain'], $php_open_basedir));
+ $php_open_basedir = str_replace("[website_domain]", $rec['domain'], $php_open_basedir);
- $update_columns .= ", document_root = '".$document_root."', `php_open_basedir` = '".$php_open_basedir."'";
+ $update_columns["document_root"] = $document_root;
+ $update_columns["php_open_basedir"] = $php_open_basedir;
}
$app->db->datalogUpdate('web_domain', $update_columns, 'domain_id', $rec['domain_id']);
}
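Review bot: The `foreach($records as $rec)` loops in this hunk iterate the result of `queryAllRecords()` directly, while the APS-instances block later in this file section checks `is_array($records) && !empty($records)` first. If `queryAllRecords()` can return a non-array on failure (not visible here), each loop is skipped with a warning and the dependent FTP, shell, cron and folder records keep the previous owner after a client change. Wrap each loop in `if(is_array($records)) { … }` for consistency with that block. The function starts and ends outside the hunk.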
@@ -171,24 +171,24 @@ class sites_web_vhost_domain_plugin {
unset($rec);
//* Update all databases
- $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_id', $app->functions->intval($rec['database_id']));
+ $app->db->datalogUpdate('web_database', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'database_id', $app->functions->intval($rec['database_id']));
}
//* Update all database users
- $records = $app->db->queryAllRecords("SELECT web_database_user.database_user_id FROM web_database_user, web_database WHERE web_database_user.database_user_id IN (web_database.database_user_id, web_database.database_ro_user_id) AND web_database.parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT web_database_user.database_user_id FROM web_database_user, web_database WHERE web_database_user.database_user_id IN (web_database.database_user_id, web_database.database_ro_user_id) AND web_database.parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_user_id', $app->functions->intval($rec['database_user_id']));
+ $app->db->datalogUpdate('web_database_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'database_user_id', $app->functions->intval($rec['database_user_id']));
}
unset($records);
unset($rec);
// Update APS instances
- $records = $app->db->queryAllRecords("SELECT instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = '".$app->db->quote($page_form->oldDataRecord["domain"])."'");
+ $records = $app->db->queryAllRecords("SELECT instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = ?", $page_form->oldDataRecord["domain"]);
if(is_array($records) && !empty($records)){
foreach($records as $rec){
- $app->db->datalogUpdate('aps_instances', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', customer_id = '".$app->functions->intval($client_id)."'", 'id', $rec['instance_id']);
+ $app->db->datalogUpdate('aps_instances', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "customer_id" => $client_id), 'id', $rec['instance_id']);
}
}
unset($records);
@@ -198,22 +198,20 @@ class sites_web_vhost_domain_plugin {
//* If the domain name has been changed, we will have to change all subdomains + APS instances
if(!empty($page_form->dataRecord["domain"]) && !empty($page_form->oldDataRecord["domain"]) && $page_form->dataRecord["domain"] != $page_form->oldDataRecord["domain"]) {
- $records = $app->db->queryAllRecords("SELECT domain_id,domain FROM web_domain WHERE (type = 'subdomain' OR type = 'vhostsubdomain' OR type = 'vhostalias') AND domain LIKE '%.".$app->db->quote($page_form->oldDataRecord["domain"])."'");
+ $records = $app->db->queryAllRecords("SELECT domain_id,domain FROM web_domain WHERE (type = 'subdomain' OR type = 'vhostsubdomain' OR type = 'vhostalias') AND domain LIKE ?", "%." . $page_form->oldDataRecord["domain"]);
foreach($records as $rec) {
- $subdomain = $app->db->quote(str_replace($page_form->oldDataRecord["domain"], $page_form->dataRecord["domain"], $rec['domain']));
- $app->db->datalogUpdate('web_domain', "domain = '".$subdomain."'", 'domain_id', $rec['domain_id']);
+ $subdomain = str_replace($page_form->oldDataRecord["domain"], $page_form->dataRecord["domain"], $rec['domain']);
+ $app->db->datalogUpdate('web_domain', array("domain" => $subdomain), 'domain_id', $rec['domain_id']);
}
unset($records);
unset($rec);
unset($subdomain);
// Update APS instances
- $records = $app->db->queryAllRecords("SELECT id, instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = '".$app->db->quote($page_form->oldDataRecord["domain"])."'");
+ $records = $app->db->queryAllRecords("SELECT id, instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = ?", $page_form->oldDataRecord["domain"]);
if(is_array($records) && !empty($records)){
foreach($records as $rec){
- $app->db->datalogUpdate('aps_instances_settings', "value = '".$app->db->quote($page_form->dataRecord["domain"])."'", 'id', $rec['id']);
- // Reinstall of package needed?
- //$app->db->datalogUpdate('aps_instances', "instance_status = '1'", 'id', $rec['instance_id']);
+ $app->db->datalogUpdate('aps_instances_settings', array("value" => $page_form->dataRecord["domain"]), 'id', $rec['id']);
}
}
unset($records);
@@ -222,35 +220,35 @@ class sites_web_vhost_domain_plugin {
//* Set allow_override if empty
if($web_rec['allow_override'] == '') {
- $sql = "UPDATE web_domain SET allow_override = '".$app->db->quote($web_config["htaccess_allow_override"])."' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $sql = "UPDATE web_domain SET allow_override = ? WHERE domain_id = ?";
+ $app->db->query($sql, $web_config["htaccess_allow_override"], $page_form->id);
}
//* Set php_open_basedir if empty or domain or client has been changed
if(empty($web_rec['php_open_basedir']) ||
(!empty($page_form->dataRecord["domain"]) && !empty($page_form->oldDataRecord["domain"]) && $page_form->dataRecord["domain"] != $page_form->oldDataRecord["domain"])) {
$php_open_basedir = $web_rec['php_open_basedir'];
- $php_open_basedir = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $web_rec['domain'], $php_open_basedir));
- $sql = "UPDATE web_domain SET php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $php_open_basedir = str_replace($page_form->oldDataRecord['domain'], $web_rec['domain'], $php_open_basedir);
+ $sql = "UPDATE web_domain SET php_open_basedir = ? WHERE domain_id = ?";
+ $app->db->query($sql, $php_open_basedir, $page_form->id);
}
if(empty($web_rec['php_open_basedir']) ||
(isset($page_form->dataRecord["client_group_id"]) && $page_form->dataRecord["client_group_id"] != $page_form->oldDataRecord["sys_groupid"])) {
- $document_root = $app->db->quote(str_replace("[client_id]", $client_id, $document_root));
+ $document_root = str_replace("[client_id]", $client_id, $document_root);
$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
- $php_open_basedir = $app->db->quote(str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir));
- $sql = "UPDATE web_domain SET php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $php_open_basedir = str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir);
+ $sql = "UPDATE web_domain SET php_open_basedir = ? WHERE domain_id = ?";
+ $app->db->query($sql, $php_open_basedir, $page_form->id);
}
//* Change database backup options when web backup options have been changed
if(isset($page_form->dataRecord['backup_interval']) && ($page_form->dataRecord['backup_interval'] != $page_form->oldDataRecord['backup_interval'] || $page_form->dataRecord['backup_copies'] != $page_form->oldDataRecord['backup_copies'])) {
//* Update all databases
- $backup_interval = $app->db->quote($page_form->dataRecord['backup_interval']);
+ $backup_interval = $page_form->dataRecord['backup_interval'];
$backup_copies = $app->functions->intval($page_form->dataRecord['backup_copies']);
$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', "backup_interval = '$backup_interval', backup_copies = '$backup_copies'", 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', array("backup_interval" => $backup_interval, "backup_copies" => $backup_copies), 'database_id', $rec['database_id']);
}
unset($records);
unset($rec);
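Review bot: The `web_database` lookup in the backup-options block is still built by concatenation (`... WHERE parent_domain_id = ".$page_form->id`), while every other statement in this hunk was moved to `?` placeholders. `$page_form->id` is probably an integer already, but nothing visible here establishes that, and the UPDATEs above now bind the same value. Bind it the same way: `$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ?", $page_form->id);`. The enclosing method starts before this hunk and continues after it.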
@@ -260,36 +258,36 @@ class sites_web_vhost_domain_plugin {
//* Change vhost subdomain and alias ip/ipv6 if domain ip/ipv6 has changed
if(isset($page_form->dataRecord['ip_address']) && ($page_form->dataRecord['ip_address'] != $page_form->oldDataRecord['ip_address'] || $page_form->dataRecord['ipv6_address'] != $page_form->oldDataRecord['ipv6_address'])) {
- $records = $app->db->queryAllRecords("SELECT domain_id FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ".$page_form->id);
+ $records = $app->db->queryAllRecords("SELECT domain_id FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ?", $page_form->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_domain', "ip_address = '".$app->db->quote($web_rec['ip_address'])."', ipv6_address = '".$app->db->quote($web_rec['ipv6_address'])."'", 'domain_id', $rec['domain_id']);
+ $app->db->datalogUpdate('web_domain', array("ip_address" => $web_rec['ip_address'], "ipv6_address" => $web_rec['ipv6_address']), 'domain_id', $rec['domain_id']);
}
unset($records);
unset($rec);
}
} else {
$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
- $php_open_basedir = $app->db->quote(str_replace("[website_domain]", $page_form->dataRecord['domain'], $php_open_basedir));
-
- $htaccess_allow_override = $app->db->quote($web_config["htaccess_allow_override"]);
- $sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $php_open_basedir = str_replace("[website_domain]", $page_form->dataRecord['domain'], $php_open_basedir);
+ $htaccess_allow_override = $web_config["htaccess_allow_override"];
+
+ $sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ? WHERE domain_id = ?";
+ $app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $page_form->id);
}
} else {
if(isset($page_form->dataRecord["parent_domain_id"]) && $page_form->dataRecord["parent_domain_id"] != $page_form->oldDataRecord["parent_domain_id"]) {
- $parent_domain = $app->db->queryOneRecord("SELECT * FROM `web_domain` WHERE `domain_id` = '" . $app->functions->intval($page_form->dataRecord['parent_domain_id']) . "'");
+ $parent_domain = $app->db->queryOneRecord("SELECT * FROM `web_domain` WHERE `domain_id` = ?", $page_form->dataRecord['parent_domain_id']);
// Set the values for document_root, system_user and system_group
- $system_user = $app->db->quote($parent_domain['system_user']);
- $system_group = $app->db->quote($parent_domain['system_group']);
- $document_root = $app->db->quote($parent_domain['document_root']);
+ $system_user = $parent_domain['system_user'];
+ $system_group = $parent_domain['system_group'];
+ $document_root = $parent_domain['document_root'];
$php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$page_form->dataRecord['web_folder'], $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]/web", $page_form->dataRecord['domain'].'/'.$page_form->dataRecord['web_folder'], $php_open_basedir);
$php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir);
- $php_open_basedir = $app->db->quote(str_replace("[website_domain]", $page_form->dataRecord['domain'], $php_open_basedir));
- $htaccess_allow_override = $app->db->quote($parent_domain['allow_override']);
- $sql = "UPDATE web_domain SET sys_groupid = ".$app->functions->intval($parent_domain['sys_groupid']).",system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$page_form->id;
- $app->db->query($sql);
+ $php_open_basedir = str_replace("[website_domain]", $page_form->dataRecord['domain'], $php_open_basedir);
+ $htaccess_allow_override = $parent_domain['allow_override'];
+ $sql = "UPDATE web_domain SET sys_groupid = ?,system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ? WHERE domain_id = ?";
+ $app->db->query($sql, $parent_domain['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $page_form->id);
}
}
}
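Review bot: `$parent_domain` is used without checking that `queryOneRecord` returned a row, in the branch that handles a changed `parent_domain_id`. The old code ran each field through `quote()` or `intval()` before building the statement; the new call binds whatever the array access yields, presumably NULL for a missing parent, into `sys_groupid`, `system_user`, `system_group` and `document_root`. Since `sys_groupid` decides who owns the record, I would guard the block with `if(is_array($parent_domain) && !empty($parent_domain['domain_id']))` and skip the UPDATE otherwise. Whether the submitted `parent_domain_id` is checked against the user's permissions is not visible in this hunk; the method starts and ends outside it.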
diff --git a/interface/lib/plugins/vm_openvz_plugin.inc.php b/interface/lib/plugins/vm_openvz_plugin.inc.php
index fd442055623c273d166ba5094f88b76e44c8f222..73cc9cda86fd3e2be17a351ccda7fff974e4cf08 100644
--- a/interface/lib/plugins/vm_openvz_plugin.inc.php
+++ b/interface/lib/plugins/vm_openvz_plugin.inc.php
@@ -41,24 +41,24 @@ class vm_openvz_plugin {
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id);
+ $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id);
+ $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
}
// Set the VEID
$tmp = $app->db->queryOneRecord('SELECT MAX(veid) + 1 as newveid FROM openvz_vm');
$veid = ($tmp['newveid'] > 100)?$tmp['newveid']:101;
- $app->db->query("UPDATE openvz_vm SET veid = ".$veid." WHERE vm_id = ".$this->id);
+ $app->db->query("UPDATE openvz_vm SET veid = ? WHERE vm_id = ?", $veid, $this->id);
unset($tmp);
// Apply template values to the advanced tab settings
$this->applyTemplate();
// Set the IP address
- $app->db->query("UPDATE openvz_ip SET vm_id = ".$this->id." WHERE ip_address = '".$app->db->quote($this->dataRecord['ip_address'])."'");
+ $app->db->query("UPDATE openvz_ip SET vm_id = ? WHERE ip_address = ?", $this->id, $this->dataRecord['ip_address']);
// Create the OpenVZ config file and store it in config field
$this->makeOpenVZConfig();
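Review bot: `UPDATE openvz_ip SET vm_id = ? WHERE ip_address = ?` assigns the address to this VM without checking that it is free, so a submitted `ip_address` that already belongs to another VM would be reassigned silently. The delete handler further down frees an address by setting `vm_id` to 0, so the insert path could add `AND vm_id = 0`, and the update path (hunk at -94,7) `AND (vm_id = 0 OR vm_id = ?)`. Whether the form definition already limits the selectable addresses is not visible here. The method body starts before this hunk and continues after it.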
@@ -82,11 +82,11 @@ class vm_openvz_plugin {
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id);
+ $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
- $app->db->query("UPDATE openvz_vm SET sys_groupid = $client_group_id WHERE vm_id = ".$this->id);
+ $app->db->query("UPDATE openvz_vm SET sys_groupid = ? WHERE vm_id = ?", $client_group_id, $this->id);
}
if(isset($this->dataRecord["ostemplate_id"]) && $this->oldDataRecord["ostemplate_id"] != $this->dataRecord["ostemplate_id"]) {
@@ -94,7 +94,7 @@ class vm_openvz_plugin {
}
// Set the IP address
- if(isset($this->dataRecord['ip_address'])) $app->db->query("UPDATE openvz_ip SET vm_id = ".$this->id." WHERE ip_address = '".$app->db->quote($this->dataRecord['ip_address'])."'");
+ if(isset($this->dataRecord['ip_address'])) $app->db->query("UPDATE openvz_ip SET vm_id = ? WHERE ip_address = ?", $this->id, $this->dataRecord['ip_address']);
// Create the OpenVZ config file and store it in config field
$this->makeOpenVZConfig();
@@ -111,8 +111,8 @@ class vm_openvz_plugin {
global $app, $conf;
//* Free the IP address
- $tmp = $app->db->queryOneRecord("SELECT ip_address_id FROM openvz_ip WHERE vm_id = ".$app->functions->intval($page_form->id));
- $app->db->datalogUpdate('openvz_ip', 'vm_id = 0', 'ip_address_id', $tmp['ip_address_id']);
+ $tmp = $app->db->queryOneRecord("SELECT ip_address_id FROM openvz_ip WHERE vm_id = ?", $page_form->id);
+ $app->db->datalogUpdate('openvz_ip', array('vm_id' => 0), 'ip_address_id', $tmp['ip_address_id']);
unset($tmp);
}
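Review bot: `$tmp['ip_address_id']` is passed to `datalogUpdate` without checking that the SELECT found a row, and `queryOneRecord` frees at most one address. If the VM has no address the update runs with an empty key; if a VM can hold several addresses (not visible here), the others stay bound to the deleted `vm_id`. Consider `queryAllRecords` with a loop: `foreach($records as $rec) $app->db->datalogUpdate('openvz_ip', array('vm_id' => 0), 'ip_address_id', $rec['ip_address_id']);`. The function signature is above the hunk.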
@@ -120,29 +120,31 @@ class vm_openvz_plugin {
private function applyTemplate() {
global $app, $conf;
- $tpl = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ".$app->functions->intval($this->dataRecord["template_id"]));
+ $tpl = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ?", $this->dataRecord["template_id"]);
$sql = "UPDATE openvz_vm SET ";
- $sql .= "diskspace = '".$app->db->quote($tpl['diskspace'])."', ";
- $sql .= "ram = '".$app->db->quote($tpl['ram'])."', ";
- $sql .= "ram_burst = '".$app->db->quote($tpl['ram_burst'])."', ";
- $sql .= "cpu_units = '".$app->db->quote($tpl['cpu_units'])."', ";
- $sql .= "cpu_num = '".$app->db->quote($tpl['cpu_num'])."', ";
- $sql .= "cpu_limit = '".$app->db->quote($tpl['cpu_limit'])."', ";
- $sql .= "io_priority = '".$app->db->quote($tpl['io_priority'])."', ";
- $sql .= "nameserver = '".$app->db->quote($tpl['nameserver'])."', ";
- $sql .= "create_dns = '".$app->db->quote($tpl['create_dns'])."', ";
- $sql .= "capability = '".$app->db->quote($tpl['capability'])."' ";
- $sql .= "WHERE vm_id = ".$app->functions->intval($this->id);
- $app->db->query($sql);
+ $sql .= "diskspace = ?, ";
+ $sql .= "ram = ?, ";
+ $sql .= "ram_burst = ?, ";
+ $sql .= "cpu_units = ?, ";
+ $sql .= "cpu_num = ?, ";
+ $sql .= "cpu_limit = ?, ";
+ $sql .= "io_priority = ?, ";
+ $sql .= "nameserver = ?, ";
+ $sql .= "create_dns = ?, ";
+ $sql .= "capability = ?, ";
+ $sql .= "features = ?, ";
+ $sql .= "iptables = ? ";
+ $sql .= "WHERE vm_id = ?";
+ $app->db->query($sql, $tpl['diskspace'], $tpl['ram'], $tpl['ram_burst'], $tpl['cpu_units'], $tpl['cpu_num'], $tpl['cpu_limit'], $tpl['io_priority'], $tpl['nameserver'], $tpl['create_dns'], $tpl['capability'], $tpl['features'], $tpl['iptables'], $this->id);
}
private function makeOpenVZConfig() {
global $app, $conf;
- $vm = $app->db->queryOneRecord("SELECT * FROM openvz_vm WHERE vm_id = ".$app->functions->intval($this->id));
- $vm_template = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ".$app->functions->intval($vm['template_id']));
+ $vm = $app->db->queryOneRecord("SELECT * FROM openvz_vm WHERE vm_id = ?",$app->functions->intval($this->id));
+ $vm_template = $app->db->queryOneRecord("SELECT * FROM openvz_template WHERE template_id = ?",$app->functions->intval($vm['template_id']));
$burst_ram = $vm['ram_burst']*256;
$guar_ram = $vm['ram']*256;
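Review bot: In `applyTemplate()` the template row is not checked before its twelve columns are bound into the UPDATE, so a `template_id` that matches nothing would overwrite the VM's limits, `capability`, `features` and `iptables` with empty (presumably NULL) values. Add `if(!is_array($tpl)) return;` right after the SELECT. As a point of style, `applyTemplate()` now binds `$this->id` and `template_id` raw while `makeOpenVZConfig()` in the same hunk still wraps bound values in `intval()`; one convention would read better. `makeOpenVZConfig()` continues past the end of the hunk.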
@@ -193,13 +195,15 @@ class vm_openvz_plugin {
$tpl->setVar('ip_address', $vm['ip_address']);
$tpl->setVar('nameserver', $vm['nameserver']);
$tpl->setVar('capability', $vm['capability']);
+ $tpl->setVar('features', $vm['features']);
+ $tpl->setVar('iptables', $vm['iptables']);
- $tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = ".$app->functions->intval($vm['ostemplate_id']));
+ $tmp = $app->db->queryOneRecord("SELECT template_file FROM openvz_ostemplate WHERE ostemplate_id = ?", $app->functions->intval($vm['ostemplate_id']));
$tpl->setVar('ostemplate', $tmp['template_file']);
unset($tmp);
- $openvz_config = $app->db->quote($tpl->grab());
- $app->db->query("UPDATE openvz_vm SET config = '".$openvz_config."' WHERE vm_id = ".$app->functions->intval($this->id));
+ $openvz_config = $tpl->grab();
+ $app->db->query("UPDATE openvz_vm SET config = ? WHERE vm_id = ?", $openvz_config, $app->functions->intval($this->id));
unset($tpl);
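Review bot: The new `features` and `iptables` values go from the `openvz_vm` row straight into the generated config through `$tpl->setVar()`, like `capability` and `nameserver` above them. If either field can contain a line break or a quote, the stored `config` text could gain extra directives; whether the form definition constrains these fields is not visible in this part of the diff. A comment naming the validator that guarantees the format, e.g. `// features/iptables: single-line values, validated in the VM form definition`, or an explicit check before `setVar`, would make the assumption reviewable. The function starts in the previous hunk.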
@@ -208,23 +212,23 @@ class vm_openvz_plugin {
private function createDNS() {
global $app, $conf;
- $vm = $app->db->queryOneRecord("SELECT * FROM openvz_vm WHERE vm_id = ".$app->functions->intval($this->id));
+ $vm = $app->db->queryOneRecord("SELECT * FROM openvz_vm WHERE vm_id = ?", $app->functions->intval($this->id));
if($vm['create_dns'] != 'y') return;
$full_hostname = str_replace('{VEID}', $vm['veid'], $vm['hostname']);
$hostname_parts = explode('.', $full_hostname);
- $hostname = $app->db->quote($hostname_parts[0]);
+ $hostname = $hostname_parts[0];
unset($hostname_parts[0]);
- $zone = $app->db->quote((implode('.', $hostname_parts)));
+ $zone = implode('.', $hostname_parts);
unset($hostname_parts);
// Find the dns zone
- $zone_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = '".$app->db->quote($zone).".'");
- $rr_rec = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = '".$app->functions->intval($zone_rec['id'])."' AND name = '".$app->db->quote($hostname)."'");
+ $zone_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = ?", $zone);
+ $rr_rec = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ? AND name = ?", $zone_rec['id'], $hostname);
if($zone_rec['id'] > 0) {
- $ip_address = $app->db->quote($vm['ip_address']);
+ $ip_address = $vm['ip_address'];
$sys_userid = $app->functions->intval($zone_rec['sys_userid']);
$sys_groupid = $app->functions->intval($zone_rec['sys_groupid']);
$server_id = $app->functions->intval($zone_rec['server_id']);
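Review bot: The zone lookup lost its trailing dot: the old query compared `origin` with the zone followed by `.`, the new one binds `$zone` alone, so the SOA row will no longer be found if origins are stored fully qualified, and `createDNS()` then silently creates nothing. Bind the dotted name: `$zone_rec = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE origin = ?", $zone . '.');`. The `dns_rr` query on the next line also runs before `$zone_rec['id'] > 0` is tested, so it is issued even when no zone matched. The function continues past the hunk.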
@@ -232,12 +236,25 @@ class vm_openvz_plugin {
if($rr_rec['id'] > 0) {
$app->uses('validate_dns');
- $app->db->datalogUpdate('dns_rr', "data = '$ip_address'", 'id', $app->functions->intval($rr_rec['id']));
+ $app->db->datalogUpdate('dns_rr', array("data" => $ip_address), 'id', $app->functions->intval($rr_rec['id']));
$serial = $app->validate_dns->increase_serial($zone_rec['serial']);
- $app->db->datalogUpdate('dns_soa', "serial = '$serial'", 'id', $app->functions->intval($zone_rec['id']));
+ $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $app->functions->intval($zone_rec['id']));
} else {
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
- ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$hostname', 'A', '$ip_address', '0', '3600', 'Y')";
+ $insert_data = array(
+ "sys_userid" => $sys_userid,
+ "sys_groupid" => $sys_groupid,
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => 'riud',
+ "sys_perm_other" => '',
+ "server_id" => $server_id,
+ "zone" => $dns_soa_id,
+ "name" => $hostname,
+ "type" => 'A',
+ "data" => $ip_address,
+ "aux" => '0',
+ "ttl" => '3600',
+ "active" => 'Y'
+ );
$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
}
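Review bot: The update branch writes the VM's IP into whichever `dns_rr` row matched on `zone` and `name`; the lookup in the previous hunk has no `type` condition, so a non-A record with the same name would have its `data` replaced by an address. Adding `AND type = 'A'` to that SELECT keeps the update consistent with the insert, which sets `"type" => 'A'`. Also, `$dns_soa_id` used for `"zone"` is assigned outside the visible hunks, so I could not confirm it is set on this path. The block starts before the hunk and continues after it.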
diff --git a/interface/web/admin/firewall_edit.php b/interface/web/admin/firewall_edit.php
index 6c29f766d100d03f548d815f26ffdd6c4956bd37..4dd26afbf6759aa1a001fd773e6fa851c72ba3b1 100644
--- a/interface/web/admin/firewall_edit.php
+++ b/interface/web/admin/firewall_edit.php
@@ -56,7 +56,7 @@ class page_action extends tform_actions {
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- $rec = $app->db->queryOneRecord("SELECT server_id from firewall WHERE firewall_id = ".$this->id);
+ $rec = $app->db->queryOneRecord("SELECT server_id from firewall WHERE firewall_id = ?", $this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
diff --git a/interface/web/admin/form/directive_snippets.tform.php b/interface/web/admin/form/directive_snippets.tform.php
index 2af05af6c3e2824a57d62dd116fd1a2e07dac890..0c2502c6c4a4c1ef4b5a8cceaa5bd295ba6e0894 100644
--- a/interface/web/admin/form/directive_snippets.tform.php
+++ b/interface/web/admin/form/directive_snippets.tform.php
@@ -93,12 +93,29 @@ $form["tabs"]['directive_snippets'] = array (
'maxlength' => '255',
'searchable' => 2
),
+ 'customer_viewable' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
'active' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
+ 'required_php_snippets' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOXARRAY',
+ 'default' => '',
+ 'datasource' => array ( 'type' => 'SQL',
+ 'querystring' => "SELECT directive_snippets_id,name FROM directive_snippets WHERE type = 'php' AND active = 'y'ORDER BY name",
+ 'keyfield' => 'directive_snippets_id',
+ 'valuefield' => 'name'
+ ),
+ 'separator' => ',',
+ ),
//#################################
// ENDE Datatable fields
//#################################
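Review bot: The `querystring` for `required_php_snippets` reads `active = 'y'ORDER BY name`, with no space before `ORDER`. MySQL will most likely tokenise it, but it is easy to misread and fragile if the string is ever post-processed; write `... WHERE type = 'php' AND active = 'y' ORDER BY name`. The field also has no validator, so a short comment saying what guarantees that the stored comma-separated values are existing snippet ids would help.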
diff --git a/interface/web/admin/form/server.tform.php b/interface/web/admin/form/server.tform.php
index a2eac6c3b758e5e6ffe1c993f167d3104fd2be05..1bf079e1b0bb08791cdddb7f70b9797e5720e504 100644
--- a/interface/web/admin/form/server.tform.php
+++ b/interface/web/admin/form/server.tform.php
@@ -102,6 +102,12 @@ $form["tabs"]['services'] = array (
'default' => '0',
'value' => array(0 => 0, 1 => 1)
),
+ 'xmpp_server' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'CHECKBOX',
+ 'default' => '0',
+ 'value' => array(0 => 0, 1 => 1)
+ ),
'mirror_server_id' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php
index aa9adc54327d6a32e3b0b5f8ca42e8b7ffd9bca7..a03636af4dbb045619effc8b0112ca9808b43b56 100644
--- a/interface/web/admin/form/server_config.tform.php
+++ b/interface/web/admin/form/server_config.tform.php
@@ -182,7 +182,7 @@ $form["tabs"]['server'] = array(
'backup_dir_is_mount' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
- 'default' => 'n',
+ 'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'backup_mode' => array(
@@ -295,6 +295,12 @@ $form["tabs"]['mail'] = array(
'width' => '40',
'maxlength' => '255'
),
+ 'maildir_format' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'SELECT',
+ 'default' => '20',
+ 'value' => array('maildir' => 'Maildir', 'mdbox' => 'mdbox')
+ ),
'homedir_path' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
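Review bot: `maildir_format` declares `'default' => '20'`, which is not one of its options (`maildir`, `mdbox`); it looks copied from a numeric field. A fresh server config would start without a valid selection, and what is written downstream then depends on how the form handles an unknown default. Use `'default' => 'maildir',`.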
@@ -320,8 +326,8 @@ $form["tabs"]['mail'] = array(
'dkim_strength' => array(
'datatype' => 'INTEGER',
'formtype' => 'SELECT',
- 'default' => '1024',
- 'value' => array('1024' => 'normal (1024)', '2048' => 'strong (2048)', '4096' => 'very strong (4096)')
+ 'default' => '2048',
+ 'value' => array('1024' => 'weak (1024)', '2048' => 'normal (2048)', '4096' => 'strong (4096)')
),
'relayhost_password' => array(
'datatype' => 'VARCHAR',
@@ -434,6 +440,12 @@ $form["tabs"]['mail'] = array(
'width' => '40',
'maxlength' => '255'
),
+ 'reject_sender_login_mismatch' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
'mailbox_size_limit' => array(
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
@@ -604,14 +616,12 @@ $form["tabs"]['web'] = array(
'width' => '40',
'maxlength' => '255'
),
- /*
-'vhost_rewrite_v6' => array (
-'datatype' => 'VARCHAR',
-'formtype' => 'CHECKBOX',
-'default' => 'n',
-'value' => array(0 => 'n',1 => 'y')
-),
-*/
+ 'vhost_rewrite_v6' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n',1 => 'y')
+ ),
'vhost_conf_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
@@ -993,7 +1003,7 @@ $form["tabs"]['web'] = array(
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
'default' => 'fast-cgi',
- 'value' => array('no' => 'disabled_txt', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM'),
+ 'value' => array('no' => 'disabled_txt', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM'),
'searchable' => 2
),
'nginx_cgi_socket' => array(
@@ -1021,6 +1031,15 @@ $form["tabs"]['web'] = array(
'width' => '40',
'maxlength' => '255'
),
+ 'enable_spdy' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'y',
+ 'value' => array (
+ 0 => 'n',
+ 1 => 'y'
+ )
+ ),
'apps_vhost_port' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
@@ -1309,6 +1328,86 @@ $form["tabs"]['fastcgi'] = array(
);
+$form["tabs"]['xmpp'] = array(
+ 'title' => "XMPP",
+ 'width' => 80,
+ 'template' => "templates/server_config_xmpp_edit.htm",
+ 'fields' => array(
+ //#################################
+ // Begin Datatable fields
+ //#################################
+ 'xmpp_use_ipv6' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
+ 'xmpp_bosh_max_inactivity' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '30',
+ 'validators' => array(0 => array('type' => 'ISINT',
+ 'errmsg' => 'ip_address_error_wrong'),
+ array('type'=>'RANGE', 'range'=>'15:360', 'errmsg' => 'xmpp_bosh_timeout_range_wrong')
+ ),
+ 'value' => '',
+ 'width' => '15'
+ ),
+
+ 'xmpp_server_admins' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => 'admin@service.com, superuser@service.com',
+ 'value' => '',
+ 'width' => '15'
+ ),
+
+ 'xmpp_modules_enabled' => array(
+ 'datatype' => 'TEXT',
+ 'formtype' => 'TEXT',
+ 'default' => "saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons",
+ 'value' => '',
+ 'separator' => ","
+ ),
+
+ 'xmpp_port_http' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '5290',
+ 'validators' => array(0 => array('type' => 'ISINT')),
+ 'value' => '5290',
+ 'width' => '15'
+ ),
+ 'xmpp_port_https' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '5291',
+ 'validators' => array(0 => array('type' => 'ISINT')),
+ 'value' => '5291',
+ 'width' => '15'
+ ),
+ 'xmpp_port_pastebin' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '5292',
+ 'validators' => array(0 => array('type' => 'ISINT')),
+ 'value' => '5292',
+ 'width' => '15'
+ ),
+ 'xmpp_port_bosh' => array(
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'TEXT',
+ 'default' => '5280',
+ 'validators' => array(0 => array('type' => 'ISINT')),
+ 'value' => '5280',
+ 'width' => '15'
+ ),
+ //#################################
+ // ENDE Datatable fields
+ //#################################
+ )
+);
+
$form["tabs"]['jailkit'] = array(
'title' => "Jailkit",
'width' => 80,
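Review bot: The four `xmpp_port_*` fields are checked with `ISINT` only, with no `errmsg` and no range, so 0, negative numbers or values above 65535 are accepted and passed on to the server configuration. Add a range check like the one `xmpp_bosh_max_inactivity` already has, e.g. `array('type'=>'RANGE', 'range'=>'1:65535', 'errmsg' => 'xmpp_port_range_wrong')` with a new language key. The `ISINT` validator on `xmpp_bosh_max_inactivity` reuses `ip_address_error_wrong`, which will show an IP error for a timeout field. `xmpp_server_admins` and `xmpp_modules_enabled` are free text with no validator, and the default module list includes `admin_telnet`; a comment explaining why that console module is enabled by default would help the next reviewer.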
diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php
index 28aa42b7284080d45969d8a6379d2a962a034a5c..fabc180b04c11ca14641aefc485680b12922c4d6 100644
--- a/interface/web/admin/form/system_config.tform.php
+++ b/interface/web/admin/form/system_config.tform.php
@@ -166,6 +166,12 @@ $form["tabs"]['sites'] = array (
'default' => 'n',
'value' => array(0 => 'n', 1 => 'y')
),
+ 'backups_include_into_web_quota' => array (
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'CHECKBOX',
+ 'default' => 'n',
+ 'value' => array(0 => 'n', 1 => 'y')
+ ),
'reseller_can_use_options' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
diff --git a/interface/web/admin/form/users.tform.php b/interface/web/admin/form/users.tform.php
index 9ee2970df51bac402529b9c794579918bf678bf9..6a23559f1273b5113bb0165a3862905b5ab3b582 100644
--- a/interface/web/admin/form/users.tform.php
+++ b/interface/web/admin/form/users.tform.php
@@ -260,6 +260,19 @@ $form['tabs']['users'] = array (
'maxlength' => '2',
'rows' => '',
'cols' => ''
+ ),
+ 'lost_password_function' => array (
+ 'datatype' => 'INTEGER',
+ 'formtype' => 'CHECKBOX',
+ 'regex' => '',
+ 'errmsg' => '',
+ 'default' => 1,
+ 'value' => array(0 => 0, 1 => 1),
+ 'separator' => '',
+ 'width' => '30',
+ 'maxlength' => '255',
+ 'rows' => '',
+ 'cols' => ''
)
//#################################
// ENDE Datenbankfelder
diff --git a/interface/web/admin/lib/lang/ar_server_config.lng b/interface/web/admin/lib/lang/ar_server_config.lng
index f42dbc9e5cf61e7c3f0b620c0c9da5ace10eae04..b03eaebfddf06d8348f899b30c7bd4ed7163f18b 100644
--- a/interface/web/admin/lib/lang/ar_server_config.lng
+++ b/interface/web/admin/lib/lang/ar_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'IP Address';
diff --git a/interface/web/admin/lib/lang/ar_system_config.lng b/interface/web/admin/lib/lang/ar_system_config.lng
index 766c55b0adb693eacef12abcfb534ed7c63ef264..61f7a791c69d0f0a5d3e76b331f6eaacfc203d60 100644
--- a/interface/web/admin/lib/lang/ar_system_config.lng
+++ b/interface/web/admin/lib/lang/ar_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/bg_server_config.lng b/interface/web/admin/lib/lang/bg_server_config.lng
index e6f6e03c6825bf57abe405f79c0a4cfee0823607..10fbc0b3dd0cc4498e55ac0be52cb07b7b3d0249 100644
--- a/interface/web/admin/lib/lang/bg_server_config.lng
+++ b/interface/web/admin/lib/lang/bg_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Модул';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -30,6 +31,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'IP адрес';
diff --git a/interface/web/admin/lib/lang/bg_system_config.lng b/interface/web/admin/lib/lang/bg_system_config.lng
index cde9ab74c04c641ac7e7dcb9b4d365ace814ffc3..a88c2cec3a2e8b6ec09c3dd3a2de4a8506d90367 100644
--- a/interface/web/admin/lib/lang/bg_system_config.lng
+++ b/interface/web/admin/lib/lang/bg_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/br_server_config.lng b/interface/web/admin/lib/lang/br_server_config.lng
index 14e59facd0eff7db07d2e1038e453e18d9da258b..8946db17631e0cad672e6b6692040a4a10fe572f 100644
--- a/interface/web/admin/lib/lang/br_server_config.lng
+++ b/interface/web/admin/lib/lang/br_server_config.lng
@@ -18,6 +18,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI: Requisições máximas';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Módulo';
$wb['maildir_path_txt'] = 'Caminho do diretório Maildir';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Caminho do diretório Home';
$wb['mailuser_uid_txt'] = 'UID usuário de email';
$wb['mailuser_gid_txt'] = 'GID usuário de email';
@@ -31,6 +32,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Host Relay';
$wb['relayhost_user_txt'] = 'Usuário do Host Relay';
$wb['relayhost_password_txt'] = 'Senha do Host Relay';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Tamanho máximo da Caixa Postal';
$wb['message_size_limit_txt'] = 'Tamanho máximo de mensagem';
$wb['ip_address_txt'] = 'Endereço IP';
diff --git a/interface/web/admin/lib/lang/br_system_config.lng b/interface/web/admin/lib/lang/br_system_config.lng
index c0caf050bd581c4d291094088f3f865ba39e24c8..2a7201882971d0d2c99b38e9905caeaa48bf5424 100644
--- a/interface/web/admin/lib/lang/br_system_config.lng
+++ b/interface/web/admin/lib/lang/br_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/cz_server_config.lng b/interface/web/admin/lib/lang/cz_server_config.lng
index a1edf0d395e8c4f8f8faced94aa906b4965d0231..c5a3dbc4f3a1aa0cac361b75cdd8721791f8e489 100644
--- a/interface/web/admin/lib/lang/cz_server_config.lng
+++ b/interface/web/admin/lib/lang/cz_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. požadavků';
$wb['fastcgi_bin_txt'] = 'FastCGI cesta k binarnímu balíčku';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Cesta k mail adresáři';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Cesta k domácímu adresáři';
$wb['mailuser_uid_txt'] = 'Mail uživatel UID';
$wb['mailuser_gid_txt'] = 'Mail uživatel GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost uživatel';
$wb['relayhost_password_txt'] = 'Relayhost heslo';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Limit velikosti mailboxu';
$wb['message_size_limit_txt'] = 'Limit velikosti zprávy';
$wb['ip_address_txt'] = 'IP adresa';
diff --git a/interface/web/admin/lib/lang/cz_system_config.lng b/interface/web/admin/lib/lang/cz_system_config.lng
index 13a202f5e9a2aea2da9ec906537aaf0c5f87d44a..ec1fae36f51b01224317e03231e3778231d9584d 100644
--- a/interface/web/admin/lib/lang/cz_system_config.lng
+++ b/interface/web/admin/lib/lang/cz_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Použití jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Použití indikátoru zatížení';
$wb['f5_to_reload_js_txt'] = 'Pokud vypnete tuto volbu, zřejmě budete muset používat klávesu F5, aby internetový prohlížeč znovu načetl JavaScript knihovny nebo budete muset ručně vyprázdňovat mezipaměť (cache) vašeho internetového prohlížeče.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show Autoresponder tab in Mailbox detail';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show Mail Filter tab in Mailbox detail';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show Custom Rules tab in Mailbox detail';
diff --git a/interface/web/admin/lib/lang/de_directive_snippets.lng b/interface/web/admin/lib/lang/de_directive_snippets.lng
index 18ce2d51b2f59be271a9c71035c1a49febb6fe9f..83a6b3c5f78b724124a29978bc0b48eb98b784f7 100644
--- a/interface/web/admin/lib/lang/de_directive_snippets.lng
+++ b/interface/web/admin/lib/lang/de_directive_snippets.lng
@@ -7,4 +7,5 @@ $wb['active_txt'] = 'Aktiv';
$wb['directive_snippets_name_empty'] = 'Bitte geben Sie einen Namen für den Schnipsel an.';
$wb['directive_snippets_name_error_unique'] = 'Es existiert schon ein Direktiven-Schnipsel mit diesem Namen.';
$wb['variables_txt'] = 'Variablen';
+$wb['customer_viewable_txt'] = 'Sichtbar für Kunden';
?>
diff --git a/interface/web/admin/lib/lang/de_directive_snippets_list.lng b/interface/web/admin/lib/lang/de_directive_snippets_list.lng
index a19d5e8da49033c984604fb8b4875d5d8313a045..469489cd30f1dd1c3ba98d3b494e89227b2dce63 100644
--- a/interface/web/admin/lib/lang/de_directive_snippets_list.lng
+++ b/interface/web/admin/lib/lang/de_directive_snippets_list.lng
@@ -4,4 +4,5 @@ $wb['active_txt'] = 'Aktiv';
$wb['name_txt'] = 'Name des Schnipsels';
$wb['type_txt'] = 'Typ';
$wb['add_new_record_txt'] = 'Direktiven Schnipsel hinzufügen';
+$wb['customer_viewable_txt'] = 'Sichtbar für Kunden';
?>
diff --git a/interface/web/admin/lib/lang/de_server_config.lng b/interface/web/admin/lib/lang/de_server_config.lng
index 9afd35cb12104a578f94235d54dd6cdf1628af5c..336cea82d9921c4617ef2366a471523978f81852 100644
--- a/interface/web/admin/lib/lang/de_server_config.lng
+++ b/interface/web/admin/lib/lang/de_server_config.lng
@@ -18,6 +18,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Anfragen';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Maildir Pfad';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Pfad';
$wb['dkim_path_txt'] = 'DKIM Pfad';
$wb['mailuser_uid_txt'] = 'Mailbenutzer UID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid Mapping kann nur um
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost Benutzer';
$wb['relayhost_password_txt'] = 'Relayhost Passwort';
+$wb['reject_sender_login_mismatch_txt'] = 'Zurückweisen von Mails, wenn Sender nicht gleich Login';
$wb['mailbox_size_limit_txt'] = 'E-Mailkonto Beschränkung';
$wb['message_size_limit_txt'] = 'E-Mailgrößen Beschränkung';
$wb['ip_address_txt'] = 'IP Adresse';
@@ -256,4 +258,11 @@ $wb['cron_init_script_error_regex'] = 'Invalid cron init script.';
$wb['crontab_dir_error_regex'] = 'Invalid crontab directory.';
$wb['cron_wget_error_regex'] = 'Invalid cron wget path.';
$wb['network_filesystem_txt'] = 'Netzwerk-Dateisystem';
+$wb['overquota_db_notify_admin_txt'] = 'Datenbank-Quota-Warnungen an den Administrator senden';
+$wb['overquota_db_notify_client_txt'] = 'Datenbank-Quota-Warnungen an den Kunden senden';
+$wb['php_ini_check_minutes_txt'] = 'Prüfe php.ini alle X Minuten auf Änderungen';
+$wb['php_ini_check_minutes_error_empty'] = 'Bitte geben Sie einen Wert an, wie oft die php.ini auf Änderungen geprüft werden soll.';
+$wb['php_ini_check_minutes_info_txt'] = '0 = keine Prüfung';
+$wb['php_handler_txt'] = 'Standard-PHP-Handler';
+$wb['enable_spdy_txt'] = 'Stellt SPDY zur Verfügung';
?>
diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng
index b0f612ac970463f7468e0a06f7e4e9fa54cea722..862fb569fe926f839b47d3657a5f60d5935aaa09 100644
--- a/interface/web/admin/lib/lang/de_system_config.lng
+++ b/interface/web/admin/lib/lang/de_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_loadindicator_txt'] = 'Laden Grafik anzeigen';
$wb['f5_to_reload_js_txt'] = 'Wenn Sie den Wert ändern, müssen Sie F5 drücken, damit der Browser die JavaScript Bibliotheken neu lädt, oder Ihren Browser Cache leeren.';
$wb['phpmyadmin_url_error_regex'] = 'Falsche phpMyAdmin URL';
$wb['client_username_web_check_disabled_txt'] = 'Deaktiviere die Kunden Benutzernamen Überprüfung für den Begriff web.';
+$wb['backups_include_into_web_quota_txt'] = 'Backups in Web Quota hinzuzählen.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Zeige Autoresponder Reiter in E-Mail Kontodetails';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Zeige E-Mail Filter Reiter in E-Mail Kontodetails';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Zeige Benutzerregel Reiter in E-Mail Kontodetails';
diff --git a/interface/web/admin/lib/lang/de_users.lng b/interface/web/admin/lib/lang/de_users.lng
index da26db30fc035192cf15524453260aeb0bea22b0..db37a605bc984ed6a708e6bc8802d979a397d3c8 100644
--- a/interface/web/admin/lib/lang/de_users.lng
+++ b/interface/web/admin/lib/lang/de_users.lng
@@ -31,4 +31,5 @@ $wb['password_mismatch_txt'] = 'Die Passwörter stimmen nicht überein.';
$wb['password_match_txt'] = 'Die Passwörter stimmen überein.';
$wb['username_error_collision'] = 'Der Benutzername darf nicht web oder web gefolgt von einer Zahl sein.';
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
+$wb['lost_password_function_txt'] = 'Passwort vergessen Funktion steht zur Verfügung';
?>
diff --git a/interface/web/admin/lib/lang/el_server_config.lng b/interface/web/admin/lib/lang/el_server_config.lng
index 560e2b809077d8d08bf64d3c97e37b6d099a1836..ca7cf2b26ed6c7de16bf58391712f47d5ca3c9a9 100644
--- a/interface/web/admin/lib/lang/el_server_config.lng
+++ b/interface/web/admin/lib/lang/el_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'Όριο πλήθους αιτήσεων Fast
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Άρθρωμα';
$wb['maildir_path_txt'] = 'Διαδρομή Maildir';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Διαδρομή Homedir';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Χρήστης Relayhost';
$wb['relayhost_password_txt'] = 'Συνθηματικό Relayhost';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Όριο χώρου θυρίδας';
$wb['message_size_limit_txt'] = 'Μήνυμα ορίου χώρου';
$wb['ip_address_txt'] = 'Διεύθυνση IP';
diff --git a/interface/web/admin/lib/lang/el_system_config.lng b/interface/web/admin/lib/lang/el_system_config.lng
index fa2cfeeae70e4be1a66fc821c8758e54986400a9..aa97d1e28b590d54a9396f9d5835eae531107606 100644
--- a/interface/web/admin/lib/lang/el_system_config.lng
+++ b/interface/web/admin/lib/lang/el_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Χρήση jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Χρήση Load Indicator (ενδεικτή φόρτωσης)';
$wb['f5_to_reload_js_txt'] = 'Αν το αλλάξετε, ίσως πρέπει να πατήσετε το F5 για να κάνετε τον φυλλομετρητη να ξαναφορτώσει τις βιβλιοθήκες JavaScript ή να αδείασετε την cache του φυλλομετρητή.';
$wb['client_username_web_check_disabled_txt'] = 'Απενεργοποίηση ελέγχου στο όνομα χρήστη για την λέξη \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Εμφάνιση της καρτέλας Αυτόματης Απάντησης στις λεπτομέρειες του λογαριασμού mail';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Εμφάνιση της καρτέλας Φίλτρα mail στις λεπτομέρειες του λογαριασμού mail';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Εμφάνιση της καρτέλας Προσαρμοσμένοι Κανόνες στις λεπτομέρειες του λογαριασμού mail';
diff --git a/interface/web/admin/lib/lang/en_directive_snippets.lng b/interface/web/admin/lib/lang/en_directive_snippets.lng
index 9d9b0ae8ee4b91485835dc9e66d45e6e1a57a665..e8733cd9480b545a3722fff93453d82520d5c6ce 100644
--- a/interface/web/admin/lib/lang/en_directive_snippets.lng
+++ b/interface/web/admin/lib/lang/en_directive_snippets.lng
@@ -7,4 +7,5 @@ $wb["active_txt"] = 'Active';
$wb["directive_snippets_name_empty"] = 'Please specify a name for the snippet.';
$wb["directive_snippets_name_error_unique"] = 'There is already a directive snippet with this name.';
$wb['variables_txt'] = 'Variables';
+$wb['customer_viewable_txt'] = 'Customer viewable';
?>
\ No newline at end of file
diff --git a/interface/web/admin/lib/lang/en_directive_snippets_list.lng b/interface/web/admin/lib/lang/en_directive_snippets_list.lng
index 702e7e250480306e6f717010d84662c0e03d41e1..7a4db54ea422270ce4b0456d3d4f9958ca65cfa9 100644
--- a/interface/web/admin/lib/lang/en_directive_snippets_list.lng
+++ b/interface/web/admin/lib/lang/en_directive_snippets_list.lng
@@ -4,4 +4,5 @@ $wb["active_txt"] = 'Active';
$wb["name_txt"] = 'Name of Snippet';
$wb["type_txt"] = 'Type';
$wb["add_new_record_txt"] = 'Add Directive Snippet';
+$wb['customer_viewable_txt'] = 'Customer viewable';
?>
\ No newline at end of file
diff --git a/interface/web/admin/lib/lang/en_server.lng b/interface/web/admin/lib/lang/en_server.lng
index 4130201b7ce0ce0b45e11a4657dfe8ed3d65b649..1f36bc718ef1402b752c9f0d9326ae68cb35fb60 100644
--- a/interface/web/admin/lib/lang/en_server.lng
+++ b/interface/web/admin/lib/lang/en_server.lng
@@ -12,4 +12,6 @@ $wb["firewall_server_txt"] = 'Firewall-Server';
$wb["active_txt"] = 'Active';
$wb["mirror_server_id_txt"] = 'Is mirror of Server';
$wb["- None -"] = '- None -';
+// New for XMPP
+$wb['xmpp_server_txt'] = 'XMPP Server';
?>
\ No newline at end of file
diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng
index dde50a0613d800c4e1e53e4202cc2e5ab1366d95..2628abf292c72ddaa0bd18e3ab20f859e64098b2 100644
--- a/interface/web/admin/lib/lang/en_server_config.lng
+++ b/interface/web/admin/lib/lang/en_server_config.lng
@@ -29,6 +29,7 @@ $wb["fastcgi_max_requests_txt"] = 'FastCGI max. Requests';
$wb["fastcgi_bin_txt"] = 'FastCGI Bin';
$wb["module_txt"] = 'Module';
$wb["maildir_path_txt"] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb["homedir_path_txt"] = 'Homedir Path';
$wb["dkim_path_txt"] = 'DKIM Path';
$wb["mailuser_uid_txt"] = 'Mailuser UID';
@@ -43,6 +44,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb["relayhost_txt"] = 'Relayhost';
$wb["relayhost_user_txt"] = 'Relayhost User';
$wb["relayhost_password_txt"] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb["mailbox_size_limit_txt"] = 'Mailbox Size Limit';
$wb["message_size_limit_txt"] = 'Message Size Limit';
$wb["ip_address_txt"] = 'IP Address';
@@ -205,7 +207,7 @@ $wb['backup_delete_txt'] = 'Delete backups on domain/website delete';
$wb["overquota_db_notify_admin_txt"] = 'Send DB quota warnings to admin';
$wb["overquota_db_notify_client_txt"] = 'Send DB quota warnings to client';
$wb['monitor_system_updates_txt'] = 'Check for Linux updates';
-$wb['php_handler_txt'] = "PHP Handler";
+$wb['php_handler_txt'] = "Default PHP Handler";
$wb['disabled_txt'] = 'Disabled';
$wb['dkim_strength_txt'] = 'DKIM strength';
$wb['monitor_system_updates_txt'] = 'Check for Linux updates';
@@ -260,4 +262,22 @@ $wb['cron_init_script_error_regex'] = 'Invalid cron init script.';
$wb['crontab_dir_error_regex'] = 'Invalid crontab directory.';
$wb['cron_wget_error_regex'] = 'Invalid cron wget path.';
$wb['network_filesystem_txt'] = 'Network Filesystem';
+$wb['php_ini_check_minutes_txt'] = 'Check php.ini every X minutes for changes';
+$wb['php_ini_check_minutes_error_empty'] = 'Please specify a value how often php.ini should be checked for changes.';
+$wb['php_ini_check_minutes_info_txt'] = '0 = no check';
+$wb['enable_spdy_txt'] = 'Makes SPDY available';
+
+// New for XMPP
+$wb['xmpp_server_txt'] = 'XMPP Server';
+$wb['xmpp_use_ipv6_txt'] = 'Use IPv6';
+$wb['xmpp_bosh_max_inactivity_txt'] = 'Max. BOSH inactivity time';
+$wb['xmpp_bosh_timeout_range_wrong'] = 'Please enter a bosh timeout range between 15 - 360';
+$wb['xmpp_module_saslauth'] = 'saslauth';
+$wb['xmpp_server_admins_txt'] = 'Server Admins (JIDs)';
+$wb['xmpp_modules_enabled_txt'] = 'Serverwide enabled plugins (one per line)';
+$wb['xmpp_ports_txt'] = 'Component ports';
+$wb['xmpp_port_http_txt'] = 'HTTP';
+$wb['xmpp_port_https_txt'] = 'HTTPS';
+$wb['xmpp_port_pastebin_txt'] = 'Pastebin';
+$wb['xmpp_port_bosh_txt'] = 'BOSH';
?>
diff --git a/interface/web/admin/lib/lang/en_server_list.lng b/interface/web/admin/lib/lang/en_server_list.lng
index 164468e700bb699c24e823da7f3626e58d5257ed..89a81fa43b06af831857246ace6ed47bd1460b06 100644
--- a/interface/web/admin/lib/lang/en_server_list.lng
+++ b/interface/web/admin/lib/lang/en_server_list.lng
@@ -10,4 +10,6 @@ $wb["vserver_server_txt"] = 'VServer';
$wb["proxy_server_txt"] = 'Proxy';
$wb["firewall_server_txt"] = 'Firewall';
$wb["add_new_record_txt"] = 'Add new Server';
+// New for XMPP
+$wb['xmpp_server_txt'] = 'XMPP';
?>
\ No newline at end of file
diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng
index 3fa210f07d32d8ca3375463feca37927a989c265..f446bb3ed7aa6c2d6c67517b4f494e5efe098332 100644
--- a/interface/web/admin/lib/lang/en_system_config.lng
+++ b/interface/web/admin/lib/lang/en_system_config.lng
@@ -51,6 +51,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/en_users.lng b/interface/web/admin/lib/lang/en_users.lng
index 09b8ac3057382b237c0d5a9b17ad0225989f49ef..9c57f1db8bbbb4bf5acf4f5216a452252e880c47 100644
--- a/interface/web/admin/lib/lang/en_users.lng
+++ b/interface/web/admin/lib/lang/en_users.lng
@@ -31,4 +31,5 @@ $wb['password_mismatch_txt'] = 'The passwords do not match.';
$wb['password_match_txt'] = 'The passwords do match.';
$wb['username_error_collision'] = 'The username may not be web or web plus a number."';
$wb['client_not_admin_err'] = 'A user that belongs to a client can not be set to type: admin';
+$wb['lost_password_function_txt'] = 'Forgot password function is available';
?>
diff --git a/interface/web/admin/lib/lang/es_server_config.lng b/interface/web/admin/lib/lang/es_server_config.lng
index 83010f9113e903de7b6fde0efcc9d0a6d5230930..1c91d0dd6d68028433b77db8b2a79da72f5d0944 100644
--- a/interface/web/admin/lib/lang/es_server_config.lng
+++ b/interface/web/admin/lib/lang/es_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'Peticiones máximas de FastCGI';
$wb['fastcgi_bin_txt'] = 'Binario de FastCGI';
$wb['module_txt'] = 'Módulo';
$wb['maildir_path_txt'] = 'Ruta de buzones';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Ruta base de correo';
$wb['mailuser_uid_txt'] = 'UID del usuario de correo';
$wb['mailuser_gid_txt'] = 'GID del usuario de correo';
@@ -30,6 +31,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Servidor de retransmisión';
$wb['relayhost_user_txt'] = 'Usuario de retransmisión';
$wb['relayhost_password_txt'] = 'Contraseña de retramisión';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Límite de tamaño del buzón';
$wb['message_size_limit_txt'] = 'Límite de tamaño del mensaje';
$wb['ip_address_txt'] = 'Dirección IP';
diff --git a/interface/web/admin/lib/lang/es_system_config.lng b/interface/web/admin/lib/lang/es_system_config.lng
index 41e61bf0c668e6b85f30739679a4426155304836..e51736b7fee90c22ce0600e681e3177e1b09ea79 100644
--- a/interface/web/admin/lib/lang/es_system_config.lng
+++ b/interface/web/admin/lib/lang/es_system_config.lng
@@ -46,6 +46,7 @@ $wb['use_combobox_txt'] = 'Usar Combobox de jQuery UI';
$wb['use_loadindicator_txt'] = 'Usar indicador de carga';
$wb['f5_to_reload_js_txt'] = 'Si cambias esto, podrías tener que pulsar F5 para que tu navegador recargue las librerías JavaScript o vacíar la caché del navegador.';
$wb['client_username_web_check_disabled_txt'] = "Desactivar comprobación de la palabra 'web' en el nombre de cliente.";
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Mostrar pestaña autoresponder en los detalles de la cuenta de correo';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Mostrar pestaña filtro de correo en los detalles de la cuenta de correo';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Mostrar pestaña filtros personalizados en los detalles de la cuenta de correo';
diff --git a/interface/web/admin/lib/lang/fi_server_config.lng b/interface/web/admin/lib/lang/fi_server_config.lng
index 4b77dd73a6790a0f38b38fc5110b57c309089d15..8ece953fe87473ca6a122c41146fd9fe86873593 100755
--- a/interface/web/admin/lib/lang/fi_server_config.lng
+++ b/interface/web/admin/lib/lang/fi_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI-pyyntöraja';
$wb['fastcgi_bin_txt'] = 'FastCGI-binääri';
$wb['module_txt'] = 'Ohjelmaosio';
$wb['maildir_path_txt'] = 'Postilaatikon hakemistopolku';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Kotikansion hakemistopolku';
$wb['mailuser_uid_txt'] = 'Käyttäjätunnus';
$wb['mailuser_gid_txt'] = 'Käyttäjäryhmä';
@@ -30,6 +31,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Edelleenlähetyspalvelin';
$wb['relayhost_user_txt'] = 'Edelleenlähetyspalvelimen käyttäjätunnus';
$wb['relayhost_password_txt'] = 'Edelleenlähetyspalvelimen salasana';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Postilaatikon koko';
$wb['message_size_limit_txt'] = 'Viestien enimmäiskoko';
$wb['ip_address_txt'] = 'IP-osoite';
diff --git a/interface/web/admin/lib/lang/fi_system_config.lng b/interface/web/admin/lib/lang/fi_system_config.lng
index 7d840b58d2377be5a2aa0379c195e1eb55d26735..6e1239e51ed45bc39d4e97b132c0d7061207c4dd 100755
--- a/interface/web/admin/lib/lang/fi_system_config.lng
+++ b/interface/web/admin/lib/lang/fi_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/fr_server_config.lng b/interface/web/admin/lib/lang/fr_server_config.lng
index a7a71a5efb9eb8aac1d87168acdd8496853d81f4..d566538a5c46b7facb9e49137b2c4ba73853f37e 100644
--- a/interface/web/admin/lib/lang/fr_server_config.lng
+++ b/interface/web/admin/lib/lang/fr_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'Nombre maximal de requês FastCGI';
$wb['fastcgi_bin_txt'] = 'Exétable FastCGI';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Chemin Maildir';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Chemin Homedir';
$wb['mailuser_uid_txt'] = 'UID de l\'utilisateur mail';
$wb['mailuser_gid_txt'] = 'GID de l\'utilisateur mail';
@@ -25,6 +26,7 @@ $wb['mailuser_group_txt'] = 'Groupe de l\'utilisateur mail';
$wb['relayhost_txt'] = 'Hôde relais';
$wb['relayhost_user_txt'] = 'Utilisateur du relais';
$wb['relayhost_password_txt'] = 'Mot de passe du relais';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Taille maximale de la boite mail';
$wb['message_size_limit_txt'] = 'Taille maximale des messages';
$wb['ip_address_txt'] = 'Adresse IP';
diff --git a/interface/web/admin/lib/lang/fr_system_config.lng b/interface/web/admin/lib/lang/fr_system_config.lng
index b6db6d72ffcf4f8ed054b32431da96ac1068d408..1fb0643fce20db56db49fe9ed7b65e06db29ea27 100644
--- a/interface/web/admin/lib/lang/fr_system_config.lng
+++ b/interface/web/admin/lib/lang/fr_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/hr_server_config.lng b/interface/web/admin/lib/lang/hr_server_config.lng
index 2ebcae6bb793954731a2b671dffc8267338a9fe8..4a73d3f63a262f388b7dc8ae7d0775d2c6dee57c 100644
--- a/interface/web/admin/lib/lang/hr_server_config.lng
+++ b/interface/web/admin/lib/lang/hr_server_config.lng
@@ -18,6 +18,7 @@ $wb['fastcgi_max_requests_txt'] = 'Maks. broj FastCGI zahtjeva';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Put do Maildir-a';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Put do početne stranice';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -31,6 +32,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost korisnik';
$wb['relayhost_password_txt'] = 'Relayhost šifra';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Dozvoljena veličina mailboxa';
$wb['message_size_limit_txt'] = 'Dozvoljena veličina emaila';
$wb['ip_address_txt'] = 'IP adresa';
diff --git a/interface/web/admin/lib/lang/hr_system_config.lng b/interface/web/admin/lib/lang/hr_system_config.lng
index fe9b89f85f8f7abc0b63c018818ecb4cad2a6f55..3827e3a5ba732c4d11d3e1b94ad281f168c854f2 100644
--- a/interface/web/admin/lib/lang/hr_system_config.lng
+++ b/interface/web/admin/lib/lang/hr_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/hu_server_config.lng b/interface/web/admin/lib/lang/hu_server_config.lng
index ecbef137e40c7419534f1338cd8412b360fab7ff..b29b74413dd9cb48f2c375780d718eea0b2f35f0 100644
--- a/interface/web/admin/lib/lang/hu_server_config.lng
+++ b/interface/web/admin/lib/lang/hu_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -30,6 +31,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'IP Address';
diff --git a/interface/web/admin/lib/lang/hu_system_config.lng b/interface/web/admin/lib/lang/hu_system_config.lng
index d6d6224fe386853e7a6e739c0eaae64ca145ad82..37ca447bf8cecfe9b0e6e32f751528b70c23362b 100644
--- a/interface/web/admin/lib/lang/hu_system_config.lng
+++ b/interface/web/admin/lib/lang/hu_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/id_server_config.lng b/interface/web/admin/lib/lang/id_server_config.lng
index f9a26e2b1cfadca55ad01003b9517153fcd9b0fe..930a58cbf77b74dcaf18f6f37be2580051d28783 100644
--- a/interface/web/admin/lib/lang/id_server_config.lng
+++ b/interface/web/admin/lib/lang/id_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'Maks. Request FastCGI';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Path Direktori Mail';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Path Direktori Home';
$wb['mailuser_uid_txt'] = 'UID Pengguna Mail';
$wb['mailuser_gid_txt'] = 'GID Pengguna Mail';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Pengguna Relayhost';
$wb['relayhost_password_txt'] = 'Kata Sandi Relayhost';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Batasan Ukuran Mailbox';
$wb['message_size_limit_txt'] = 'Batasan Ukuran Pesan';
$wb['ip_address_txt'] = 'Alamat IP';
diff --git a/interface/web/admin/lib/lang/id_system_config.lng b/interface/web/admin/lib/lang/id_system_config.lng
index 7baf01798ba5b89ca6cdb3938d94305da3ed3070..d4f262573db50ce6e0afa931b2ac6c5f0bf316bf 100644
--- a/interface/web/admin/lib/lang/id_system_config.lng
+++ b/interface/web/admin/lib/lang/id_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/it_server_config.lng b/interface/web/admin/lib/lang/it_server_config.lng
index 52913e30939db91f54b004a74d0ebbeb8e1ca361..cba103ff83efa4c759d66dce0e7226c1aa68b650 100644
--- a/interface/web/admin/lib/lang/it_server_config.lng
+++ b/interface/web/admin/lib/lang/it_server_config.lng
@@ -16,6 +16,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -29,6 +30,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'Indirizzo IP';
diff --git a/interface/web/admin/lib/lang/it_system_config.lng b/interface/web/admin/lib/lang/it_system_config.lng
index 9f151ca9ec8a6f7f87a0fbb38309593f51bde31b..9d00c8d75a43e0d0ab13f5e43cb1224994329bae 100644
--- a/interface/web/admin/lib/lang/it_system_config.lng
+++ b/interface/web/admin/lib/lang/it_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/ja_server_config.lng b/interface/web/admin/lib/lang/ja_server_config.lng
index 0823ff0c2d5b8954c520817dcfd95de36a89835d..37fb09ac5d5b968106fa30915905c3ed16ea65ee 100644
--- a/interface/web/admin/lib/lang/ja_server_config.lng
+++ b/interface/web/admin/lib/lang/ja_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI 最大リクエスト数';
$wb['fastcgi_bin_txt'] = 'FastCGI実行ファイル';
$wb['module_txt'] = 'モジュール';
$wb['maildir_path_txt'] = 'メールディレクトリ';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'ホームディレクトリ';
$wb['mailuser_uid_txt'] = 'メールユーザーのUID';
$wb['mailuser_gid_txt'] = 'メールユーザーのGID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'リレーホスト';
$wb['relayhost_user_txt'] = 'リレーホストユーザー';
$wb['relayhost_password_txt'] = 'リレーホストパスワード';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'メールボックスのサイズ';
$wb['message_size_limit_txt'] = 'メッセージの最大サイズ';
$wb['ip_address_txt'] = 'IPアドレス';
diff --git a/interface/web/admin/lib/lang/ja_system_config.lng b/interface/web/admin/lib/lang/ja_system_config.lng
index 7800e3f8e46d53014b56555df3e8832b3f68b7ad..e81768d8750b1dc7ac78ca9d5a7baa87a6733f22 100644
--- a/interface/web/admin/lib/lang/ja_system_config.lng
+++ b/interface/web/admin/lib/lang/ja_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/nl_server_config.lng b/interface/web/admin/lib/lang/nl_server_config.lng
index 5027cc39d7fad190820c9537281cba8c32839f23..44eea44022391b7ef440f55b376359cbb0631b9f 100644
--- a/interface/web/admin/lib/lang/nl_server_config.lng
+++ b/interface/web/admin/lib/lang/nl_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. gequests';
$wb['fastcgi_bin_txt'] = 'FastCGI bin';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Maildir pad';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir pad';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost gebruiker';
$wb['relayhost_password_txt'] = 'Relayhost wachtwoord';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox grootte limiet';
$wb['message_size_limit_txt'] = 'Message grootte limiet';
$wb['ip_address_txt'] = 'IP adres';
diff --git a/interface/web/admin/lib/lang/nl_system_config.lng b/interface/web/admin/lib/lang/nl_system_config.lng
index 07d5bffbf30d07992e770da16bbae74d946d5472..6f1a6fb514e828508635eed3d6e1276e6c22e714 100644
--- a/interface/web/admin/lib/lang/nl_system_config.lng
+++ b/interface/web/admin/lib/lang/nl_system_config.lng
@@ -51,6 +51,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/pl_server_config.lng b/interface/web/admin/lib/lang/pl_server_config.lng
index 64f41d203c930a9edee4420f3753a156a9b1cd7f..5e17c41c53150e74d9c4df497319fd4ef7256b3c 100644
--- a/interface/web/admin/lib/lang/pl_server_config.lng
+++ b/interface/web/admin/lib/lang/pl_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'Maksymalna ilość zadań FastCGI';
$wb['fastcgi_bin_txt'] = 'Kosz FastCGI';
$wb['module_txt'] = 'Moduł';
$wb['maildir_path_txt'] = 'Adres poczty e-mail';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Bazowy adres poczty e-mail';
$wb['mailuser_uid_txt'] = 'UID użytkownika e-mail';
$wb['mailuser_gid_txt'] = 'GID użytkownika e-mail';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Adres Relayhost';
$wb['relayhost_user_txt'] = 'Użytkownik Relayhost';
$wb['relayhost_password_txt'] = 'Hasło Relayhost';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Maksymalna wielkość skrzynki pocztowej';
$wb['message_size_limit_txt'] = 'Maksymalna wielkość wiadomości';
$wb['ip_address_txt'] = 'Adres IP';
diff --git a/interface/web/admin/lib/lang/pl_system_config.lng b/interface/web/admin/lib/lang/pl_system_config.lng
index 792fb899277b23f249a744072fc8928f866920ba..402390688fc55f57c1ec047bdf1757eb91d111d0 100644
--- a/interface/web/admin/lib/lang/pl_system_config.lng
+++ b/interface/web/admin/lib/lang/pl_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Użyj jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Użyj wskaźnika ładowania';
$wb['f5_to_reload_js_txt'] = 'Jeżeli zmienisz to, możesz potrzebować wcisnąć F5 lub wyczyścić cache aby przeglądarka przeładowała biblioteki JavaScript.';
$wb['client_username_web_check_disabled_txt'] = 'Wyłącz sprawdzanie nazwy klienta w poszukiwaniu słowa -web-.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Pokaż zakładkę autorespondera w szczegółach konta email.';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Pokaż zakładkę filtra email w szczegółach konta email.';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Pokaż zakładkę własnych filtrów email w szczegółach konta email.';
diff --git a/interface/web/admin/lib/lang/pt_server_config.lng b/interface/web/admin/lib/lang/pt_server_config.lng
index 5315bf94753c0ff3fb5e0272fcba1c9726c1a595..adf708552fa2a1f5aa107cdaed7132dfef614bbc 100644
--- a/interface/web/admin/lib/lang/pt_server_config.lng
+++ b/interface/web/admin/lib/lang/pt_server_config.lng
@@ -18,6 +18,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI: Requisições máximas';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Módulo';
$wb['maildir_path_txt'] = 'Pasta do Maildir';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Pasta Home';
$wb['mailuser_uid_txt'] = 'UID utilizador de email';
$wb['mailuser_gid_txt'] = 'GID utilizador de email';
@@ -31,6 +32,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Host Relay';
$wb['relayhost_user_txt'] = 'Utilizador do Host Relay';
$wb['relayhost_password_txt'] = 'Senha do Host Relay';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Tamanho máximo da Caixa Postal';
$wb['message_size_limit_txt'] = 'Tamanho máximo de mensagem';
$wb['ip_address_txt'] = 'Endereço IP';
diff --git a/interface/web/admin/lib/lang/pt_system_config.lng b/interface/web/admin/lib/lang/pt_system_config.lng
index e79ae6a73e074b7dae9f69cd4e475b894b58f3c6..30d73f45b2b5c112235ef9f9b612742accecd996 100644
--- a/interface/web/admin/lib/lang/pt_system_config.lng
+++ b/interface/web/admin/lib/lang/pt_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/ro_server_config.lng b/interface/web/admin/lib/lang/ro_server_config.lng
index 9f06bc63b6135d95858b5894ea456b2db6468b86..a7ab9bc889b35efd1fa32d5b17f463cc93d385c4 100644
--- a/interface/web/admin/lib/lang/ro_server_config.lng
+++ b/interface/web/admin/lib/lang/ro_server_config.lng
@@ -18,6 +18,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -31,6 +32,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'IP Address';
diff --git a/interface/web/admin/lib/lang/ro_system_config.lng b/interface/web/admin/lib/lang/ro_system_config.lng
index a56ea013eace59442272a77fad75e866ae7e3395..d2d91931d0ffce018c319bf82c5fe224a42a236c 100644
--- a/interface/web/admin/lib/lang/ro_system_config.lng
+++ b/interface/web/admin/lib/lang/ro_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/ru_server_config.lng b/interface/web/admin/lib/lang/ru_server_config.lng
index 77fc101d006753181a2e30dd03c7b7cadb7bf6e0..6a4080a12bc59849f8686bd73ccc51f127804d6b 100644
--- a/interface/web/admin/lib/lang/ru_server_config.lng
+++ b/interface/web/admin/lib/lang/ru_server_config.lng
@@ -16,6 +16,7 @@ $wb['fastcgi_max_requests_txt'] = 'Макс.запросов для FastCGI';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Модуль';
$wb['maildir_path_txt'] = 'Путь Maildir';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Путь Homedir';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -29,6 +30,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relay-хост';
$wb['relayhost_user_txt'] = 'Логин Relay-хоста';
$wb['relayhost_password_txt'] = 'Пароль Relay-хоста';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Лимит размера Mailbox';
$wb['message_size_limit_txt'] = 'Лимит размера сообщения';
$wb['ip_address_txt'] = 'IP-адрес';
diff --git a/interface/web/admin/lib/lang/ru_system_config.lng b/interface/web/admin/lib/lang/ru_system_config.lng
index fdfb9d0657198fb808d6d4ac2941fbd315ee8c4d..a3a610c3b0b5aee1f5187ca3312cd0a74289288f 100644
--- a/interface/web/admin/lib/lang/ru_system_config.lng
+++ b/interface/web/admin/lib/lang/ru_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/se_server_config.lng b/interface/web/admin/lib/lang/se_server_config.lng
index b5d5ea17c5327a85b714151b7fc532bb0f68d1e4..5818cfacb3832063a9f507675ba0e0948c8a05aa 100644
--- a/interface/web/admin/lib/lang/se_server_config.lng
+++ b/interface/web/admin/lib/lang/se_server_config.lng
@@ -17,6 +17,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Module';
$wb['maildir_path_txt'] = 'Maildir Path';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Homedir Path';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -30,6 +31,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost User';
$wb['relayhost_password_txt'] = 'Relayhost Password';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mailbox Size Limit';
$wb['message_size_limit_txt'] = 'Message Size Limit';
$wb['ip_address_txt'] = 'IP Address';
diff --git a/interface/web/admin/lib/lang/se_system_config.lng b/interface/web/admin/lib/lang/se_system_config.lng
index 97850cd15881e66dd08900db984c426cbce16346..0a6a60b7228ba0065c5276516dcfc5e458323d47 100644
--- a/interface/web/admin/lib/lang/se_system_config.lng
+++ b/interface/web/admin/lib/lang/se_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Använd jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Använd laddningsindikator';
$wb['f5_to_reload_js_txt'] = 'Om du ändrar detta kan du behöva trycka F5 för att ladda om javascript, eller rensa din webbläsarcache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Visa autosvarsfliken vid detaljerna för epostkonto';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Visa epostfilterfliken vid detaljerna för epostkonto';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/sk_server_config.lng b/interface/web/admin/lib/lang/sk_server_config.lng
index d480430d7226530662db6a66a75a117ae7554cbe..392664b7e20407706703348d019ab7b0ac1dcc0d 100644
--- a/interface/web/admin/lib/lang/sk_server_config.lng
+++ b/interface/web/admin/lib/lang/sk_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modul';
$wb['maildir_path_txt'] = 'Maildir Cesta';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Cesta k domovskému adresáru';
$wb['mailuser_uid_txt'] = 'Mailuser UID';
$wb['mailuser_gid_txt'] = 'Mailuser GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost uživateľ';
$wb['relayhost_password_txt'] = 'Relayhost heslo';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Limit ve?kosti poštovej schránky';
$wb['message_size_limit_txt'] = 'Limit ve?kosti správy';
$wb['ip_address_txt'] = 'IP Adresa';
diff --git a/interface/web/admin/lib/lang/sk_system_config.lng b/interface/web/admin/lib/lang/sk_system_config.lng
index 8a5129170aff0b298609d3ee8ab41afcc6461ed5..0a4c0adaccd8a80baa92fad18e216a24e7fa64f2 100644
--- a/interface/web/admin/lib/lang/sk_system_config.lng
+++ b/interface/web/admin/lib/lang/sk_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/lang/tr_server_config.lng b/interface/web/admin/lib/lang/tr_server_config.lng
index 8b08efe00477e84f20c6960e373c367a11b9e897..60a24ee48b2c987512470c342a821be050ba9059 100644
--- a/interface/web/admin/lib/lang/tr_server_config.lng
+++ b/interface/web/admin/lib/lang/tr_server_config.lng
@@ -19,6 +19,7 @@ $wb['fastcgi_max_requests_txt'] = 'FastCGI max. Requests';
$wb['fastcgi_bin_txt'] = 'FastCGI Bin';
$wb['module_txt'] = 'Modül';
$wb['maildir_path_txt'] = 'Mail dizini yolu';
+$wb['maildir_format_txt'] = 'Maildir Format';
$wb['homedir_path_txt'] = 'Kullanıcı dizini yolu';
$wb['mailuser_uid_txt'] = 'Mail kullanıcısı UID';
$wb['mailuser_gid_txt'] = 'Mail kullanıcısı GID';
@@ -32,6 +33,7 @@ $wb['mailbox_virtual_uidgid_maps_error_alreadyusers'] = 'Uid-mapping cannot be c
$wb['relayhost_txt'] = 'Relayhost';
$wb['relayhost_user_txt'] = 'Relayhost Kullanıcı';
$wb['relayhost_password_txt'] = 'Relayhost Şifre';
+$wb['reject_sender_login_mismatch_txt'] = 'Reject sender and login mismatch';
$wb['mailbox_size_limit_txt'] = 'Mail kutusu boyutu';
$wb['message_size_limit_txt'] = 'Mesaj boyutu';
$wb['ip_address_txt'] = 'IP Adresleri';
diff --git a/interface/web/admin/lib/lang/tr_system_config.lng b/interface/web/admin/lib/lang/tr_system_config.lng
index 621f821470772f206e3c983cce9872defa53910b..d652b915e57b72ff7f2c6207c52d2565dad35766 100644
--- a/interface/web/admin/lib/lang/tr_system_config.lng
+++ b/interface/web/admin/lib/lang/tr_system_config.lng
@@ -48,6 +48,7 @@ $wb['use_combobox_txt'] = 'Use jQuery UI Combobox';
$wb['use_loadindicator_txt'] = 'Use Load Indicator';
$wb['f5_to_reload_js_txt'] = 'If you change this, you might have to press F5 to make the browser reload JavaScript libraries or empty your browser cache.';
$wb['client_username_web_check_disabled_txt'] = 'Disable client username check for the word \'web\'.';
+$wb['backups_include_into_web_quota_txt'] = 'Include backup files into web quota.';
$wb['mailbox_show_autoresponder_tab_txt'] = 'Show autoresponder tab in mail account details';
$wb['mailbox_show_mail_filter_tab_txt'] = 'Show mail filter tab in mail account details';
$wb['mailbox_show_custom_rules_tab_txt'] = 'Show custom mailfilter tab in mail account details';
diff --git a/interface/web/admin/lib/module.conf.php b/interface/web/admin/lib/module.conf.php
index 7f4d19da1abd456a7027fdd6729994edc67b2a90..727f7a2d5555918be7282dd705bf8e2f745f72b4 100644
--- a/interface/web/admin/lib/module.conf.php
+++ b/interface/web/admin/lib/module.conf.php
@@ -7,6 +7,7 @@ $module['title'] = 'top_menu_system';
$module['template'] = 'module.tpl.htm';
$module['startpage'] = 'admin/server_list.php';
$module['tab_width'] = '60';
+$module['order'] = '90';
$items[] = array( 'title' => 'CP Users',
diff --git a/interface/web/admin/list/directive_snippets.list.php b/interface/web/admin/list/directive_snippets.list.php
index 8522e076414ec05fbb33592aa9a951a816a2b92d..078cebf8608ed82d12ad8f5cc1d12d1d5f1990ff 100644
--- a/interface/web/admin/list/directive_snippets.list.php
+++ b/interface/web/admin/list/directive_snippets.list.php
@@ -54,7 +54,7 @@ $liste["item"][] = array( 'field' => "active",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array('y' => "Yes ", 'n' => "No "));
+ 'value' => array('y' => "".$app->lng('yes_txt')." ", 'n' => "".$app->lng('no_txt')." "));
$liste["item"][] = array( 'field' => "name",
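Review bot: The translated label returned by `$app->lng('yes_txt')` / `$app->lng('no_txt')` is concatenated into the list value with no output encoding visible in this hunk. The fixed "Yes"/"No" literals it replaces could not carry markup, but a language string can. If the list renderer prints these values as HTML (not visible here), the string should be encoded where it is built, e.g. `htmlspecialchars($app->lng('yes_txt'), ENT_QUOTES, 'UTF-8')`. The same pattern recurs in the second hunk of this file and in the hunks for firewall.list.php, iptables.list.php, server.list.php, server_ip.list.php, software_repo.list.php and users.list.php. The array entry being changed starts before this hunk.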
@@ -74,5 +74,14 @@ $liste["item"][] = array( 'field' => "type",
'suffix' => "",
'width' => "",
'value' => array('apache' => 'Apache', 'nginx' => 'nginx', 'php' => 'PHP', 'proxy' => 'Proxy'));
+
+$liste["item"][] = array( 'field' => "customer_viewable",
+ 'datatype' => "VARCHAR",
+ 'formtype' => "SELECT",
+ 'op' => "=",
+ 'prefix' => "",
+ 'suffix' => "",
+ 'width' => "",
+ 'value' => array('y' => "".$app->lng('yes_txt')." ", 'n' => "".$app->lng('no_txt')." "));
?>
diff --git a/interface/web/admin/list/firewall.list.php b/interface/web/admin/list/firewall.list.php
index 058e86c804cfa730fdbed654b2a6ec18a76a8fff..786b7b848ae756f78a69e987b0af7a98a6cfdfed 100644
--- a/interface/web/admin/list/firewall.list.php
+++ b/interface/web/admin/list/firewall.list.php
@@ -54,7 +54,7 @@ $liste["item"][] = array( 'field' => "active",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array('y' => "Yes ", 'n' => "No "));
+ 'value' => array('y' => "".$app->lng('yes_txt')." ", 'n' => "".$app->lng('no_txt')." "));
$liste["item"][] = array( 'field' => "server_id",
'datatype' => "VARCHAR",
diff --git a/interface/web/admin/list/iptables.list.php b/interface/web/admin/list/iptables.list.php
index ad487e5b6baf5a688561385956414907d32be758..3ad78404ea4c195e8d35cdd79f9fec4338fe1f97 100644
--- a/interface/web/admin/list/iptables.list.php
+++ b/interface/web/admin/list/iptables.list.php
@@ -18,14 +18,14 @@ $liste["item"][] = array( 'field' => "active",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array("y" => "Yes ", "n" => "No "));
+ 'value' => array("y" => "".$app->lng('yes_txt')." ", "n" => "".$app->lng('no_txt')." "));
$liste["item"][] = array( 'field' => "server_id",
- 'datatype' => "VARCHAR",
+ 'datatype' => "INTEGER",
'formtype' => "SELECT",
- 'op' => "like",
- 'prefix' => "%",
- 'suffix' => "%",
+ 'op' => "=",
+ 'prefix' => "",
+ 'suffix' => "",
'datasource' => array ( 'type' => "SQL",
'querystring' => "SELECT server_id,server_name FROM server WHERE {AUTHSQL} AND db_server = 1 ORDER BY server_name",
'keyfield'=> "server_id",
diff --git a/interface/web/admin/list/server.list.php b/interface/web/admin/list/server.list.php
index 0309b7a3c1a60c69ad152ff884a925743ac8bbe9..9ca54c07d5d2df744ac530f6898792264a666d25 100644
--- a/interface/web/admin/list/server.list.php
+++ b/interface/web/admin/list/server.list.php
@@ -63,7 +63,7 @@ $liste['item'][] = array( 'field' => 'mail_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'web_server',
'datatype' => 'VARCHAR',
@@ -72,7 +72,7 @@ $liste['item'][] = array( 'field' => 'web_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'dns_server',
'datatype' => 'VARCHAR',
@@ -81,7 +81,7 @@ $liste['item'][] = array( 'field' => 'dns_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'file_server',
'datatype' => 'VARCHAR',
@@ -90,7 +90,7 @@ $liste['item'][] = array( 'field' => 'file_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'db_server',
'datatype' => 'VARCHAR',
@@ -99,7 +99,7 @@ $liste['item'][] = array( 'field' => 'db_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'vserver_server',
'datatype' => 'VARCHAR',
@@ -108,6 +108,15 @@ $liste['item'][] = array( 'field' => 'vserver_server',
'prefix' => '%',
'suffix' => '%',
'width' => '',
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
+
+$liste['item'][] = array( 'field' => 'xmpp_server',
+ 'datatype' => 'VARCHAR',
+ 'formtype' => 'SELECT',
+ 'op' => 'like',
+ 'prefix' => '%',
+ 'suffix' => '%',
+ 'width' => '',
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
?>
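Review bot: The new `xmpp_server` filter copies `'op' => 'like'` with a `%` prefix and suffix from the older flag entries, although its select offers only `'1'` and `'0'`. A substring match is wider than this filter needs, and the same commit moves the id filters in iptables.list.php, server_ip.list.php and server_php.list.php to exact matching. I would write the new entry with `'op' => '='`, `'prefix' => ''` and `'suffix' => ''`. The column type is not visible here, so `'datatype'` should be checked against the schema before changing it as well.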
diff --git a/interface/web/admin/list/server_ip.list.php b/interface/web/admin/list/server_ip.list.php
index dba0c68cb1129b58210479614da81a448b52797e..41ac76e2a9dd67409c9b4a99a29021df789779fa 100644
--- a/interface/web/admin/list/server_ip.list.php
+++ b/interface/web/admin/list/server_ip.list.php
@@ -45,11 +45,11 @@ $liste['auth'] = 'no';
*****************************************************/
$liste['item'][] = array( 'field' => 'server_id',
- 'datatype' => 'VARCHAR',
+ 'datatype' => 'INTEGER',
'formtype' => 'SELECT',
- 'op' => 'like',
- 'prefix' => '%',
- 'suffix' => '%',
+ 'op' => '=',
+ 'prefix' => '',
+ 'suffix' => '',
'datasource' => array ( 'type' => 'SQL',
'querystring' => 'SELECT server_id,server_name FROM server WHERE {AUTHSQL} ORDER BY server_name',
'keyfield'=> 'server_id',
@@ -59,11 +59,11 @@ $liste['item'][] = array( 'field' => 'server_id',
'value' => '');
$liste['item'][] = array( 'field' => 'client_id',
- 'datatype' => 'VARCHAR',
+ 'datatype' => 'INTEGER',
'formtype' => 'SELECT',
- 'op' => 'like',
- 'prefix' => '%',
- 'suffix' => '%',
+ 'op' => '=',
+ 'prefix' => '',
+ 'suffix' => '',
'datasource' => array ( 'type' => 'SQL',
'querystring' => 'SELECT client_id,contact_name FROM client WHERE {AUTHSQL} ORDER BY contact_name',
'keyfield'=> 'client_id',
@@ -95,7 +95,7 @@ $liste["item"][] = array( 'field' => "virtualhost",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array('y' => "Yes ", 'n' => "No "));
+ 'value' => array('y' => "".$app->lng('yes_txt')." ", 'n' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'virtualhost_port',
diff --git a/interface/web/admin/list/server_php.list.php b/interface/web/admin/list/server_php.list.php
index ce8944d5a85e87ce3a4ae5e3874dd6162c53c85d..2414cb8fec37d2c71ad71081afd8a80a3dce6609 100644
--- a/interface/web/admin/list/server_php.list.php
+++ b/interface/web/admin/list/server_php.list.php
@@ -45,11 +45,11 @@ $liste['auth'] = 'no';
*****************************************************/
$liste['item'][] = array( 'field' => 'server_id',
- 'datatype' => 'VARCHAR',
+ 'datatype' => 'INTEGER',
'formtype' => 'SELECT',
- 'op' => 'like',
- 'prefix' => '%',
- 'suffix' => '%',
+ 'op' => '=',
+ 'prefix' => '',
+ 'suffix' => '',
'datasource' => array ( 'type' => 'SQL',
'querystring' => 'SELECT server_id,server_name FROM server WHERE {AUTHSQL} ORDER BY server_name',
'keyfield'=> 'server_id',
@@ -59,11 +59,11 @@ $liste['item'][] = array( 'field' => 'server_id',
'value' => '');
$liste['item'][] = array( 'field' => 'client_id',
- 'datatype' => 'VARCHAR',
+ 'datatype' => 'INTEGER',
'formtype' => 'SELECT',
- 'op' => 'like',
- 'prefix' => '%',
- 'suffix' => '%',
+ 'op' => '=',
+ 'prefix' => '',
+ 'suffix' => '',
'datasource' => array ( 'type' => 'SQL',
'querystring' => 'SELECT client_id,contact_name FROM client WHERE {AUTHSQL} ORDER BY contact_name',
'keyfield'=> 'client_id',
diff --git a/interface/web/admin/list/software_repo.list.php b/interface/web/admin/list/software_repo.list.php
index 2eb3dd520eeb4d74bd39184f39879b9f6e6c237f..824c66d6d9d29f0ae04727cd605535f272573b71 100644
--- a/interface/web/admin/list/software_repo.list.php
+++ b/interface/web/admin/list/software_repo.list.php
@@ -54,7 +54,7 @@ $liste["item"][] = array( 'field' => "active",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array('y' => "Yes ", 'n' => "No "));
+ 'value' => array('y' => "".$app->lng('yes_txt')." ", 'n' => "".$app->lng('no_txt')." "));
$liste["item"][] = array( 'field' => "repo_name",
'datatype' => "VARCHAR",
diff --git a/interface/web/admin/list/users.list.php b/interface/web/admin/list/users.list.php
index b260c2b3c652f01b5c61c277c58d4c3ae7688dbb..53e3f440a6f6e76f6c79e0eb16610ee0bb45c61c 100644
--- a/interface/web/admin/list/users.list.php
+++ b/interface/web/admin/list/users.list.php
@@ -60,7 +60,7 @@ $liste["item"][] = array( 'field' => "active",
'prefix' => "",
'suffix' => "",
'width' => "",
- 'value' => array('1' => "Yes ", '0' => "No "));
+ 'value' => array('1' => "".$app->lng('yes_txt')." ", '0' => "".$app->lng('no_txt')." "));
$liste['item'][] = array( 'field' => 'username',
'datatype' => 'VARCHAR',
diff --git a/interface/web/admin/remote_action_ispcupdate.php b/interface/web/admin/remote_action_ispcupdate.php
index 32bf0c4333b8973ec352bd7aee2fc07fac5ff633..263400665873c71a00137bcfb8d2e8d423e7bd5a 100644
--- a/interface/web/admin/remote_action_ispcupdate.php
+++ b/interface/web/admin/remote_action_ispcupdate.php
@@ -80,15 +80,8 @@ if (1 == 0 && isset($_POST['server_select'])) {
}
foreach ($servers as $serverId) {
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- $app->functions->intval($serverId) . ", " .
- time() . ", " .
- "'ispc_update', " .
- "'', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
+ "VALUES (?, UNIX_TIMESTAMP(), 'ispc_update', '', 'pending', '')";
+ $app->db->query($sql, $serverId);
}
$msg = $wb['action_scheduled'];
}
diff --git a/interface/web/admin/remote_action_osupdate.php b/interface/web/admin/remote_action_osupdate.php
index 61c6c23823689ad99558e2becba462b0905ba3e6..8f48e29f2d472d6937c37e73af54237c3f0f8bd3 100644
--- a/interface/web/admin/remote_action_osupdate.php
+++ b/interface/web/admin/remote_action_osupdate.php
@@ -76,15 +76,8 @@ if (isset($_POST['server_select'])) {
}
foreach ($servers as $serverId) {
$sql = "INSERT INTO sys_remoteaction (server_id, tstamp, action_type, action_param, action_state, response) " .
- "VALUES (".
- $app->functions->intval($serverId) . ", " .
- time() . ", " .
- "'os_update', " .
- "'', " .
- "'pending', " .
- "''" .
- ")";
- $app->db->query($sql);
+ "VALUES (?, UNIX_TIMESTAMP(), 'os_update', '', 'pending', '')";
+ $app->db->query($sql, $serverId);
}
$msg = $wb['action_scheduled'];
}
diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php
index e561b00ac546fd900a48c0b292e1cbd7d2fcb37d..d64b6dd7dbae3b45eeb9c7133268c4689d9c9889 100644
--- a/interface/web/admin/server_config_edit.php
+++ b/interface/web/admin/server_config_edit.php
@@ -96,7 +96,7 @@ class page_action extends tform_actions {
$server_config_array[$section] = $app->tform->encode($this->dataRecord, $section);
$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
- $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id);
+ $app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id);
}
}
diff --git a/interface/web/admin/server_edit.php b/interface/web/admin/server_edit.php
index 0adf313181a23764852fd72c63baef27b96c6e38..c2e746d5c58fce1e2d2b8a08b8fa92de282b4079 100644
--- a/interface/web/admin/server_edit.php
+++ b/interface/web/admin/server_edit.php
@@ -55,8 +55,8 @@ class page_action extends tform_actions {
global $app, $conf;
// Getting Servers
- $sql = "SELECT server_id,server_name FROM server WHERE server_id != ".$app->functions->intval($this->id)." ORDER BY server_name";
- $mirror_servers = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id,server_name FROM server WHERE server_id != ? ORDER BY server_name";
+ $mirror_servers = $app->db->queryAllRecords($sql, $this->id);
$mirror_server_select = '';
if(is_array($mirror_servers)) {
foreach( $mirror_servers as $mirror_server) {
diff --git a/interface/web/admin/server_ip_edit.php b/interface/web/admin/server_ip_edit.php
index c20f752b86c86c5535fe49a9a37b727ea5c0a469..f7872f4438954d47dc7dbdfbbd495b9032a5fe40 100644
--- a/interface/web/admin/server_ip_edit.php
+++ b/interface/web/admin/server_ip_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- $rec = $app->db->queryOneRecord("SELECT server_id from server_ip WHERE server_ip_id = ".$app->functions->intval($this->id));
+ $rec = $app->db->queryOneRecord("SELECT server_id from server_ip WHERE server_ip_id = ?", $this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
diff --git a/interface/web/admin/server_php_edit.php b/interface/web/admin/server_php_edit.php
index f60ae997a051a92b5d389701debc40db26b184d9..12aacf60b92a687c75c71f33fad9abe5b83cad5a 100644
--- a/interface/web/admin/server_php_edit.php
+++ b/interface/web/admin/server_php_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if(($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) && isset($this->dataRecord["server_id"])) {
- $rec = $app->db->queryOneRecord("SELECT server_id from server_php WHERE server_php_id = ".$app->functions->intval($this->id));
+ $rec = $app->db->queryOneRecord("SELECT server_id from server_php WHERE server_php_id = ?", $this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
diff --git a/interface/web/admin/software_package_install.php b/interface/web/admin/software_package_install.php
index 0fd58816a0e3056e2593c53ca8ff5d7af35bf95b..ccbfd73ebe6e2c3411f1a1fa32dd579c06b45ccd 100644
--- a/interface/web/admin/software_package_install.php
+++ b/interface/web/admin/software_package_install.php
@@ -38,11 +38,11 @@ $app->auth->check_security_permissions('admin_allow_software_packages');
//* This is only allowed for administrators
if(!$app->auth->is_admin()) die('only allowed for administrators.');
-$package_name = $app->db->quote($_REQUEST['package']);
+$package_name = $_REQUEST['package'];
$install_server_id = $app->functions->intval($_REQUEST['server_id']);
-$install_key = $app->db->quote(trim($_REQUEST['install_key']));
+$install_key = trim($_REQUEST['install_key']);
-$package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = '$package_name'");
+$package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = ?", $package_name);
$install_key_verified = false;
$message_err = '';
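Review bot: `$_REQUEST['package']`, `$_REQUEST['server_id']` and `$_REQUEST['install_key']` drive a state-changing install further down, and no anti-CSRF token check is visible in these hunks. Because `$_REQUEST` also accepts GET parameters, an administrator following a prepared link could queue an installation without intending to. Reading these values from `$_POST` only and verifying a per-session token before the `datalogInsert` would address this. The install branch in software_update_list.php (`$_GET['action'] == 'install'`) has the same shape. Any token check earlier in the file is outside this hunk, so confirm before changing.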
@@ -51,7 +51,7 @@ $message_ok = '';
//* verify the key
if($package['package_installable'] == 'key' && $install_key != '') {
- $repo = $app->db->queryOneRecord("SELECT * FROM software_repo WHERE software_repo_id = ".$app->db->quote($package['software_repo_id']));
+ $repo = $app->db->queryOneRecord("SELECT * FROM software_repo WHERE software_repo_id = ?", $package['software_repo_id']);
$client = new SoapClient(null, array('location' => $repo['repo_url'],
'uri' => $repo['repo_url']));
@@ -63,7 +63,7 @@ if($package['package_installable'] == 'key' && $install_key != '') {
$message_err = 'Verification of the key failed.';
} else {
// Store the verified key into the database
- $app->db->datalogUpdate('software_package', "package_key = '".$app->db->quote($install_key)."'", 'package_id', $package['package_id']);
+ $app->db->datalogUpdate('software_package', array("package_key" => $install_key), 'package_id', $package['package_id']);
}
} else {
$message_ok = 'Please enter the software key for the package.';
@@ -71,8 +71,8 @@ if($package['package_installable'] == 'key' && $install_key != '') {
//* Install packages, if all requirements are fullfilled.
if($install_server_id > 0 && $package_name != '' && ($package['package_installable'] == 'yes' || $install_key_verified == true)) {
- $sql = "SELECT software_update_id, package_name, update_title FROM software_update WHERE type = 'full' AND package_name = '".$app->db->quote($package_name)."' ORDER BY v1 DESC, v2 DESC, v3 DESC, v4 DESC LIMIT 0,1";
- $tmp = $app->db->queryOneRecord($sql);
+ $sql = "SELECT software_update_id, package_name, update_title FROM software_update WHERE type = 'full' AND package_name = ? ORDER BY v1 DESC, v2 DESC, v3 DESC, v4 DESC LIMIT 0,1";
+ $tmp = $app->db->queryOneRecord($sql, $package_name);
$software_update_id = $tmp['software_update_id'];
//* if package requires a DB and there is no data for a db in config, then we create this data now
@@ -91,7 +91,7 @@ if($install_server_id > 0 && $package_name != '' && ($package['package_installab
'database_host' => 'localhost');
$package_config_str = $app->ini_parser->get_ini_string($package_config_array);
$package['package_config'] = $package_config_str;
- $app->db->datalogUpdate('software_package', "package_config = '".$app->db->quote($package_config_str)."'", 'package_id', $package['package_id']);
+ $app->db->datalogUpdate('software_package', array("package_config" => $package_config_str), 'package_id', $package['package_id']);
}
}
@@ -105,7 +105,7 @@ if($install_server_id > 0 && $package_name != '' && ($package['package_installab
if(!isset($package_config_array['remote_api'])) {
$remote_user = 'ispapp'.$package['package_id'];
$remote_password = md5(mt_rand());
- $remote_functions = $app->db->quote($package['package_remote_functions']);
+ $remote_functions = $package['package_remote_functions'];
$package_config_array['remote_api'] = array(
'remote_hostname' => $_SERVER['HTTP_HOST'],
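Review bot: `$remote_password = md5(mt_rand());` still derives the remote API password from `mt_rand()`, which is not a cryptographically secure generator, so the credential is far more predictable than its 32 hex characters suggest. The user it protects is inserted with `riud` permissions in the following hunk, so a CSPRNG source such as `bin2hex(random_bytes(16))` (PHP 7+) or `bin2hex(openssl_random_pseudo_bytes(16))` would be appropriate. In the same array, `$_SERVER['HTTP_HOST']` is taken from the request and written into the stored package config; a configured hostname would be more trustworthy. The enclosing `if` block starts and ends outside this hunk.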
@@ -116,21 +116,25 @@ if($install_server_id > 0 && $package_name != '' && ($package['package_installab
$package_config_str = $app->ini_parser->get_ini_string($package_config_array);
$package['package_config'] = $package_config_str;
$remote_password_md5 = md5($remote_password);
- $app->db->datalogUpdate('software_package', "package_config = '".$app->db->quote($package_config_str)."'", 'package_id', $package['package_id']);
+ $app->db->datalogUpdate('software_package', array("package_config" => $package_config_str), 'package_id', $package['package_id']);
$sql = "INSERT INTO `remote_user` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `remote_username`, `remote_password`, `remote_functions`) VALUES
- (1, 1, 'riud', 'riud', '', '".$app->db->quote($remote_user)."', '".$app->db->quote($remote_password_md5)."', '".$app->db->quote($remote_functions)."');";
-
- $app->db->query($sql);
+ (1, 1, 'riud', 'riud', '', ?, ?, ?)";
+ $app->db->query($sql, $remote_user, $remote_password_md5, $remote_functions);
}
}
//* Add the record to start the install process
- $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('".$app->db->quote($package_name)."', '".$app->db->quote($install_server_id)."', '".$app->db->quote($software_update_id)."','installing')";
+ $insert_data = array(
+ "package_name" => $package_name,
+ "server_id" => $install_server_id,
+ "software_update_id" => $software_update_id,
+ "status" => 'installing'
+ );
$app->db->datalogInsert('software_update_inst', $insert_data, 'software_update_inst_id');
- $message_ok = 'Starting package installation '."".$app->lng('next')."";
+ $message_ok = 'Starting package installation '."".$app->lng('next')."";
}
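Review bot: The insert into `remote_user` is now bound, but it still stores `md5($remote_password)`, an unsalted fast hash, as the credential. If the remote API login can verify a salted hash (that code is not part of this diff, so confirm), `$remote_password_md5` would be better produced with `password_hash($remote_password, PASSWORD_DEFAULT)` or the project's own crypt helper. The variable name would then need to change as well.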
diff --git a/interface/web/admin/software_package_list.php b/interface/web/admin/software_package_list.php
index 489b6fbd545de5ddb80ea4a4270f2f98dfb733e5..5e552dbee7b9497c26bf17571c561cb85c4efbe9 100644
--- a/interface/web/admin/software_package_list.php
+++ b/interface/web/admin/software_package_list.php
@@ -48,27 +48,40 @@ if(is_array($repos) && isset($_GET['action']) && $_GET['action'] == 'repoupdate'
$packages = $client->get_packages($repo['repo_username'], $repo['repo_password']);
if(is_array($packages)) {
foreach($packages as $p) {
- $package_name = $app->db->quote($p['name']);
- $tmp = $app->db->queryOneRecord("SELECT package_id FROM software_package WHERE package_name = '".$app->db->quote($package_name)."'");
+ $package_name = $p['name'];
+ $tmp = $app->db->queryOneRecord("SELECT package_id FROM software_package WHERE package_name = ?", $package_name);
- $package_title = $app->db->quote($p['title']);
- $package_description = $app->db->quote($p['description']);
+ $package_title = $p['title'];
+ $package_description = $p['description'];
$software_repo_id = $app->functions->intval($repo['software_repo_id']);
- $package_type = $app->db->quote($p['type']);
- $package_installable = $app->db->quote($p['installable']);
- $package_requires_db = $app->db->quote($p['requires_db']);
- $package_remote_functions = $app->db->quote($p['remote_functions']);
+ $package_type = $p['type'];
+ $package_installable = $p['installable'];
+ $package_requires_db = $p['requires_db'];
+ $package_remote_functions = $p['remote_functions'];
if(empty($tmp['package_id'])) {
- //$sql = "INSERT INTO software_package (software_repo_id, package_name, package_title, package_description,package_type,package_installable,package_requires_db) VALUES ($software_repo_id, '$package_name', '$package_title', '$package_description','$package_type','$package_installable','$package_requires_db')";
- //$app->db->query($sql);
- $insert_data = "(software_repo_id, package_name, package_title, package_description,package_type,package_installable,package_requires_db,package_remote_functions) VALUES ($software_repo_id, '$package_name', '$package_title', '$package_description','$package_type','$package_installable','$package_requires_db','$package_remote_functions')";
+ $insert_data = array(
+ "software_repo_id" => $software_repo_id,
+ "package_name" => $package_name,
+ "package_title" => $package_title,
+ "package_description" => $package_description,
+ "package_type" => $package_type,
+ "package_installable" => $package_installable,
+ "package_requires_db" => $package_requires_db,
+ "package_remote_functions" => $package_remote_functions
+ );
$app->db->datalogInsert('software_package', $insert_data, 'package_id');
$packages_added++;
} else {
- //$sql = "UPDATE software_package SET software_repo_id = $software_repo_id, package_title = '$package_title', package_description = '$package_description', package_type = '$package_type', package_installable = '$package_installable', package_requires_db = '$package_requires_db' WHERE package_name = '$package_name'";
- //$app->db->query($sql);
- $update_data = "software_repo_id = $software_repo_id, package_title = '$package_title', package_description = '$package_description', package_type = '$package_type', package_installable = '$package_installable', package_requires_db = '$package_requires_db', package_remote_functions = '$package_remote_functions'";
+ $update_data = array(
+ "software_repo_id" => $software_repo_id,
+ "package_title" => $package_title,
+ "package_description" => $package_description,
+ "package_type" => $package_type,
+ "package_installable" => $package_installable,
+ "package_requires_db" => $package_requires_db,
+ "package_remote_functions" => $package_remote_functions
+ );
//echo $update_data;
$app->db->datalogUpdate('software_package', $update_data, 'package_id', $tmp['package_id']);
}
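Review bot: `$p['remote_functions']`, like the other `$p[...]` fields, comes straight from the repository's SOAP response and is now stored without any validation. In software_package_install.php the stored `package_remote_functions` value is copied into the `remote_functions` column of a newly created `remote_user`, so the repository effectively decides which API functions that user may call. Checking the list against an allow-list of known function names before `datalogInsert`/`datalogUpdate` would bound that trust. The leftover `//echo $update_data;` no longer makes sense now that `$update_data` is an array and can be removed.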
@@ -91,25 +104,31 @@ if(is_array($repos) && isset($_GET['action']) && $_GET['action'] == 'repoupdate'
$v3 = $app->functions->intval($version_array[2]);
$v4 = $app->functions->intval($version_array[3]);
- $package_name = $app->db->quote($u['package_name']);
+ $package_name = $u['package_name'];
$software_repo_id = $app->functions->intval($repo['software_repo_id']);
- $update_url = $app->db->quote($u['url']);
- $update_md5 = $app->db->quote($u['md5']);
- $update_dependencies = (isset($u['dependencies']))?$app->db->quote($u['dependencies']):'';
- $update_title = $app->db->quote($u['title']);
- $type = $app->db->quote($u['type']);
+ $update_url = $u['url'];
+ $update_md5 = $u['md5'];
+ $update_dependencies = (isset($u['dependencies']))?$u['dependencies']:'';
+ $update_title = $u['title'];
+ $type = $u['type'];
// Check that we do not have this update in the database yet
- $sql = "SELECT * FROM software_update WHERE package_name = '$package_name' and v1 = '$v1' and v2 = '$v2' and v3 = '$v3' and v4 = '$v4'";
- $tmp = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM software_update WHERE package_name = ? and v1 = ? and v2 = ? and v3 = ? and v4 = ?";
+ $tmp = $app->db->queryOneRecord($sql, $package_name, $v1, $v2, $v3, $v4);
if(!isset($tmp['software_update_id'])) {
- // Insert the update in the datbase
- //$sql = "INSERT INTO software_update (software_repo_id, package_name, update_url, update_md5, update_dependencies, update_title, v1, v2, v3, v4, type)
- //VALUES ($software_repo_id, '$package_name', '$update_url', '$update_md5', '$update_dependencies', '$update_title', '$v1', '$v2', '$v3', '$v4', '$type')";
- //die($sql);
- //$app->db->query($sql);
- $insert_data = "(software_repo_id, package_name, update_url, update_md5, update_dependencies, update_title, v1, v2, v3, v4, type)
- VALUES ($software_repo_id, '$package_name', '$update_url', '$update_md5', '$update_dependencies', '$update_title', '$v1', '$v2', '$v3', '$v4', '$type')";
+ $insert_data = array(
+ "software_repo_id" => $software_repo_id,
+ "package_name" => $package_name,
+ "update_url" => $update_url,
+ "update_md5" => $update_md5,
+ "update_dependencies" => $update_dependencies,
+ "update_title" => $update_title,
+ "v1" => $v1,
+ "v2" => $v2,
+ "v3" => $v3,
+ "v4" => $v4,
+ "type" => $type
+ );
$app->db->datalogInsert('software_update', $insert_data, 'software_update_id');
}
@@ -120,23 +139,6 @@ if(is_array($repos) && isset($_GET['action']) && $_GET['action'] == 'repoupdate'
}
}
-//* Install packages, if GET Request
-/*
-if(isset($_GET['action']) && $_GET['action'] == 'install' && $_GET['package'] != '' && $_GET['server_id'] > 0) {
- $package_name = $app->db->quote($_GET['package']);
- $server_id = $app->functions->intval($_GET['server_id']);
- $sql = "SELECT software_update_id, package_name, update_title FROM software_update WHERE type = 'full' AND package_name = '$package_name' ORDER BY v1 DESC, v2 DESC, v3 DESC, v4 DESC LIMIT 0,1";
- $tmp = $app->db->queryOneRecord($sql);
- $software_update_id = $tmp['software_update_id'];
-
- $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installing')";
- // $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installed')";
- $app->db->datalogInsert('software_update_inst', $insert_data, 'software_update_inst_id');
-}
-*/
-
-
-
// Show the list in the interface
// Loading the template
$app->uses('tpl');
@@ -150,7 +152,7 @@ if(is_array($packages) && count($packages) > 0) {
foreach($packages as $key => $p) {
$installed_txt = '';
foreach($servers as $s) {
- $inst = $app->db->queryOneRecord("SELECT * FROM software_update, software_update_inst WHERE software_update_inst.software_update_id = software_update.software_update_id AND software_update_inst.package_name = '".$app->db->quote($p["package_name"])."' AND server_id = '".$app->functions->intval($s["server_id"])."'");
+ $inst = $app->db->queryOneRecord("SELECT * FROM software_update, software_update_inst WHERE software_update_inst.software_update_id = software_update.software_update_id AND software_update_inst.package_name = ? AND server_id = ?", $p["package_name"], $s["server_id"]);
$version = $inst['v1'].'.'.$inst['v2'].'.'.$inst['v3'].'.'.$inst['v4'];
if($inst['status'] == 'installed') {
@@ -165,7 +167,7 @@ if(is_array($packages) && count($packages) > 0) {
if($p['package_installable'] == 'no') {
$installed_txt .= $s['server_name'].": ".$app->lng("Package can not be installed.")." ";
} else {
- $installed_txt .= $s['server_name'].": Install now ";
+ $installed_txt .= $s['server_name'].": Install now ";
}
}
}
diff --git a/interface/web/admin/software_update_list.php b/interface/web/admin/software_update_list.php
index 8bc8b79a410613f21d3c1d018b29fc142ce4df95..c987e9e04bebe9606a45cbac217d5c40925a7947 100644
--- a/interface/web/admin/software_update_list.php
+++ b/interface/web/admin/software_update_list.php
@@ -72,23 +72,23 @@ if(is_array($repos)) {
$v3 = $app->functions->intval($version_array[2]);
$v4 = $app->functions->intval($version_array[3]);
- $package_name = $app->db->quote($u['package_name']);
+ $package_name = $u['package_name'];
$software_repo_id = $app->functions->intval($repo['software_repo_id']);
- $update_url = $app->db->quote($u['url']);
- $update_md5 = $app->db->quote($u['md5']);
- $update_dependencies = (isset($u['dependencies']))?$app->db->quote($u['dependencies']):'';
- $update_title = $app->db->quote($u['title']);
- $type = $app->db->quote($u['type']);
+ $update_url = $u['url'];
+ $update_md5 = $u['md5'];
+ $update_dependencies = (isset($u['dependencies']))?$u['dependencies']:'';
+ $update_title = $u['title'];
+ $type = $u['type'];
// Check that we do not have this update in the database yet
- $sql = "SELECT * FROM software_update WHERE package_name = '$package_name' and v1 = '$v1' and v2 = '$v2' and v3 = '$v3' and v4 = '$v4'";
- $tmp = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM software_update WHERE package_name = ? and v1 = ? and v2 = ? and v3 = ? and v4 = ?";
+ $tmp = $app->db->queryOneRecord($sql, $package_name, $v1, $v2, $v3, $v4);
if(!isset($tmp['software_update_id'])) {
// Insert the update in the datbase
$sql = "INSERT INTO software_update (software_repo_id, package_name, update_url, update_md5, update_dependencies, update_title, v1, v2, v3, v4, type)
- VALUES ($software_repo_id, '$package_name', '$update_url', '$update_md5', '$update_dependencies', '$update_title', '$v1', '$v2', '$v3', '$v4', '$type')";
+ VALUES ($software_repo_id, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
//die($sql);
- $app->db->query($sql);
+ $app->db->query($sql, $package_name, $update_url, $update_md5, $update_dependencies, $update_title, $v1, $v2, $v3, $v4, $type);
}
}
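Review bot: The INSERT still interpolates `$software_repo_id` into the statement text (`VALUES ($software_repo_id, ?, ?, ...`) while every other value is bound. It is passed through `intval()` a few lines up, so it is not injectable as written, but the mixed style is harder to audit and becomes unsafe if the cast is ever dropped. Suggest `VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)` with `$software_repo_id` as the first bound argument. The `//die($sql);` debug line can be removed at the same time.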
@@ -101,12 +101,16 @@ if(is_array($repos)) {
//* Install packages, if GET Request
if(isset($_GET['action']) && $_GET['action'] == 'install' && $_GET['package'] != '' && $_GET['server_id'] > 0) {
- $package_name = $app->db->quote($_GET['package']);
+ $package_name = $_GET['package'];
$server_id = $app->functions->intval($_GET['server_id']);
$software_update_id = $app->functions->intval($_GET['id']);
- $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installing')";
- // $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installed')";
+ $insert_data = array(
+ "package_name" => $package_name,
+ "server_id" => $server_id,
+ "software_update_id" => $software_update_id,
+ "status" => 'installing'
+ );
$app->db->datalogInsert('software_update_inst', $insert_data, 'software_update_inst_id');
}
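Review bot: `$_GET['package']` and `$_GET['id']` are inserted into `software_update_inst` without checking that the update exists or that it belongs to the named package. Binding prevents SQL injection, but an arbitrary package name and update id can still be queued with status `installing`. Looking up the row first, e.g. `SELECT package_name FROM software_update WHERE software_update_id = ?`, and using the `package_name` from that row instead of the request value would keep the two consistent. The insert should be skipped when no row is found.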
@@ -162,12 +166,12 @@ if(is_array($installed_packages)) {
foreach($installed_packages as $ip) {
// Get version number of the latest installed version
- $sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = ".$app->functions->intval($server_id)." ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
- $lu = $app->db->queryOneRecord($sql);
+ $sql = "SELECT v1, v2, v3, v4 FROM software_update, software_update_inst WHERE software_update.software_update_id = software_update_inst.software_update_id AND server_id = ? ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC LIMIT 0,1";
+ $lu = $app->db->queryOneRecord($sql, $server_id);
// Get all installable updates
- $sql = "SELECT * FROM software_update WHERE v1 >= ".$app->functions->intval($lu['v1'])." AND v2 >= ".$app->functions->intval($lu['v2'])." AND v3 >= ".$app->functions->intval($lu['v3'])." AND v4 >= ".$app->functions->intval($lu['v4'])." AND package_name = '".$app->db->quote($ip['package_name'])."' ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC";
- $updates = $app->db->queryAllRecords($sql);
+ $sql = "SELECT * FROM software_update WHERE v1 >= ? AND v2 >= ? AND v3 >= ? AND v4 >= ? AND package_name = ? ORDER BY v1 DESC , v2 DESC , v3 DESC , v4 DESC";
+ $updates = $app->db->queryAllRecords($sql, $lu['v1'], $lu['v2'], $lu['v3'], $lu['v4'], $ip['package_name']);
//die($sql);
if(is_array($updates)) {
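Review bot: Dropping `intval()` around `$lu['v1']` … `$lu['v4']` changes behaviour when the first query returns no row. The old code compared against `0` and listed every update; the new code binds null values, and a comparison such as `v1 >= NULL` matches nothing, assuming the wrapper binds null as SQL NULL (the wrapper is not shown here). Keeping the cast on the bound arguments preserves the old result, e.g. `$app->functions->intval($lu['v1'])` for each of the four parts. Separately, the first query filters only on `server_id` and not on `$ip['package_name']`, so the "latest installed version" may belong to a different package; this predates the commit but is worth confirming.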
@@ -176,7 +180,7 @@ if(is_array($installed_packages)) {
foreach($updates as $key => $u) {
$version = $u['v1'].'.'.$u['v2'].'.'.$u['v3'].'.'.$u['v4'];
- $installed_txt = "Install Update ";
+ $installed_txt = "Install Update ";
$records_out[] = array('version' => $version, 'update_title' => $u["update_title"], 'installed' => $installed_txt);
}
@@ -184,30 +188,6 @@ if(is_array($installed_packages)) {
}
}
-/*
-$updates = $app->db->queryAllRecords('SELECT software_update.update_title, software_update.software_update_id, software_update.package_name, v1, v2, v3, v4, software_update_inst.status
- FROM software_update LEFT JOIN software_update_inst ON ( software_update.software_update_id = software_update_inst.software_update_id )
- WHERE server_id = '.$server_id.'
- GROUP BY software_update.package_name
- ORDER BY software_update.package_name ASC, v1 DESC , v2 DESC , v3 DESC , v4 DESC');
-
-if(is_array($updates)) {
- foreach($updates as $key => $u) {
- $installed_txt = '';
-
- $version = $u['v1'].'.'.$u['v2'].'.'.$u['v3'].'.'.$u['v4'];
- $updates[$key]['version'] = $version;
- if($u['status'] == 'installed' || $u['status'] == 'installing' || $u['status'] == 'deleting') {
- $installed_txt .= "Installed version $version ";
- } else {
- $installed_txt .= "Install now ";
- }
- $updates[$key]['installed'] = $installed_txt;
-
- }
-}
-*/
-
$app->tpl->setLoop('records', $records_out);
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 7108f2707a8aa31bf498b143305dd2f127c8ae89..f48f11b7ed5faf17521c4cb4b18f003568fefdd4 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -89,13 +89,24 @@ class page_action extends tform_actions {
$available_dashlets_txt = '';
$handle = @opendir(ISPC_WEB_PATH.'/dashboard/dashlets');
while ($file = @readdir($handle)) {
- if ($file != '.' && $file != '..' && !is_dir($file)) {
+ if ($file != '.' && $file != '..' && !is_dir(ISPC_WEB_PATH.'/dashboard/dashlets/'.$file)) {
$available_dashlets_txt .= '['.substr($file, 0, -4).']['.substr($file, 0, -4).'], ';
}
}
if($available_dashlets_txt == '') $available_dashlets_txt = '------';
$app->tpl->setVar("available_dashlets_txt", $available_dashlets_txt);
+
+ // Logo
+ $sys_ini = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = ?", $this->id);
+ if($sys_ini['custom_logo'] != ''){
+ $logo = ' ';
+ } else {
+ $logo = '';
+ }
+ $default_logo = '';
+ $app->tpl->setVar("used_logo", $logo);
+ $app->tpl->setVar("default_logo", $default_logo);
parent::onShowEnd();
}
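Review bot: The new logo block reads `$sys_ini['custom_logo']` without checking that `queryOneRecord` returned a row, and it selects `*` although only one column is used. Suggest `SELECT custom_logo FROM sys_ini WHERE sysini_id = ?` and a guard such as `if(!empty($sys_ini['custom_logo']))`. The markup assigned to `$logo` is not readable in this rendering; if it embeds the stored value in an attribute, it should pass through `htmlspecialchars()` first. The lookup uses `$this->id`, while the update later in this file hard-codes `sysini_id` 1, so one of the two is probably not what was intended. `onShowEnd()` begins outside this hunk.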
@@ -165,9 +176,7 @@ class page_action extends tform_actions {
$server_config_array[$section] = $new_config;
$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
- //$sql = "UPDATE sys_ini SET config = '".$app->db->quote($server_config_str)."' WHERE sysini_id = 1";
- //if($conf['demo_mode'] != true) $app->db->query($sql);
- if($conf['demo_mode'] != true) $app->db->datalogUpdate('sys_ini', "config = '".$app->db->quote($server_config_str)."'", 'sysini_id', 1);
+ if($conf['demo_mode'] != true) $app->db->datalogUpdate('sys_ini', array("config" => $server_config_str), 'sysini_id', 1);
/*
* If we should use the domain-module, we have to insert all existing domains into the table
@@ -185,26 +194,28 @@ class page_action extends tform_actions {
"FROM web_domain WHERE type NOT IN ('subdomain','vhostsubdomain')";
$app->db->query($sql);
}
+
+ //die(print_r($_FILES));
+ // Logo
+ /*
+ if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])){
+ //print_r($_FILES);
+
+ $path= $_FILES['file']['tmp_name'];
+ $type = pathinfo($path, PATHINFO_EXTENSION);
+ $data = file_get_contents($path);
+ $base64 = 'data:image/' . $type . ';base64,' . base64_encode($data);
+ $app->db->query("UPDATE sys_ini SET custom_logo = ? WHERE sysini_id = ?", $base64, $this->id);
+ }
+ */
// Maintenance mode
if($server_config_array['misc']['maintenance_mode'] == 'y'){
//print_r($_SESSION);
//echo $_SESSION['s']['id'];
- $app->db->query("DELETE FROM sys_session WHERE session_id != '".$app->db->quote($_SESSION['s']['id'])."'");
+ $app->db->query("DELETE FROM sys_session WHERE session_id != ?", $_SESSION['s']['id']);
}
}
-
- /*
- function onAfterUpdate() {
- if($this->_js_changed == true) {
- // not the best way, but it works
- header('Content-Type: text/html');
- print '';
- exit;
- }
- }
- */
-
}
$app->tform_actions = new page_action;
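Review bot: This hunk adds new commented-out code, `//die(print_r($_FILES));` and a disabled logo-upload block, which is better kept out of the tree until it is ready. If the upload block is enabled later, it needs rework first: `pathinfo($path, PATHINFO_EXTENSION)` is applied to `tmp_name`, which normally has no extension, so the `data:image/...` type would be empty. Nothing in the block limits the file size or verifies that the content is an image before it is stored in `custom_logo`. The surrounding method starts outside this hunk.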
diff --git a/interface/web/admin/templates/directive_snippets_edit.htm b/interface/web/admin/templates/directive_snippets_edit.htm
index 7a17cb679e79a28e96a911b15c730a3c8d7de875..21b76867ec12d468ff7371222951e1ef809276aa 100644
--- a/interface/web/admin/templates/directive_snippets_edit.htm
+++ b/interface/web/admin/templates/directive_snippets_edit.htm
@@ -1,41 +1,49 @@
-
+
-
|